SECURITY
SECURITY
SECURITY
Insurance company CNA Financial goes offline following a cybersecurity attack
Insurance company CNA Financial Corp. has suffered a cybersecurity attack and the company’s offline as of late Wednesday.
The exact form of the attack is unknown. The company said on its website that it had been targeted by a “sophisticated cybersecurity attack.” The attack is said by the company to have caused “network disruption and impacted certain CNA systems, including corporate email.”
“Upon learning of the incident, we immediately engaged a team of third-party forensic experts to investigate and determine the full scope of this incident, which is ongoing,” the company said. “We have alerted law enforcement and will be cooperating with them as they conduct their own investigation.”
The likeliest culprit is a ransomware attack. While not saying it was REvil, Bleeping Computer reported that the REvil ransomware gang stated in a recent interview that insurance companies are valuable targets.
“Yes, this is one of the tastiest morsels,” a spokesperson for REvil said. “Especially to hack the insurers first — to get their customer base and work in a targeted way from there. And after you go through the list, then hit the insurer themselves.”
If it was REvil, the attack on CNA is yet another notch on its hacking list. The ransomware gang was last in the news March 21 for successfully targeting hardware and electronics firm Acer Inc. and demanding a $50 million ransom. Previous REvil victims include celebrity law firm Grubman Shire Meiselas & Sacks in May and foreign exchange provider Travelex in late December 2019.
But insurance companies are an especially tempting target, Saryu Nayyar, chief executive officer of unified security and risk analytics company Gurucul Solutions Pvt Ltd. A.G., told SiliconANGLE.
“If an attacker can extract a list of clients who have cyberattack insurance, those clients in turn become inviting targets themselves,” Nayyar explained. “Since they have insurance, they are seen as more likely to pay off a ransom. It’s a win-win for the attackers and a lose-lose for everyone else.”
Image: CNA
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
