CNA Financial pays out one of the biggest ransomware payments ever

Yet CNA officially denies engaging with attackers

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

US insurance company CNA Financial has reportedly handed over $40 million to aransomwaregang in order to buy back control of their computers.

According to CNA’s own investigations, it fell victim to the Phoenix Locker ransomware, which, according tocybersecurityexperts, is an offshoot of the Hades ransomware that was first unleashed by the infamous Russian cybercrime operators known as Evil Corp.

In a traditional double-extortion scheme, the operators behind Phoenix Locker encrypted CNA computers, reportedly after making away with loads of confidential data.

We’re looking at how our readers use VPN for a forthcoming in-depth report. We’d love to hear your thoughts in the survey below. It won’t take more than 60 seconds of your time.

Click here to start the survey in a new window«

However two anonymous individuals have now toldBloombergthat the company gave in to the demands and paid the ransom two weeks after the attack.

Ransomware menace

Ransomware attacks are one of the biggest threats to corporate networks.

According to the investigation by an FBI agent, victims paid over$140 million as ransomto their attackers in 2020, while some estimate this figure to be as high as$350 million.

If the amount quoted by the anonymous sources is true, the CNA ransom is perhaps the biggest payment ever. For comparison,Colonial Pipelinepaid about $5 million to their attacker last week, despite the fact that the attack disrupted the supply of fuel in several parts of the US.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Officially, CNA refused to comment on the ransom saying that the company consulted and shared intelligence about the attack and the hacker’s identity with the US law enforcement agencies in accordance with the law.

Cybersecurity challenge

CNA’s response isn’t surprising as the US administration and security agenciesadvise against payingextortion fees, though there is currently no law that prevents victims paying the ransom.

In a major announcement last week,AXAsaid that it would suspend the writing of cyber insurance policies for its French customers that refund the cost of ransom payments.

However, in a strange turn of events,AXA itself fell victimto a ransomware attack and had to reportedly cough up the ransom to wriggle out of the situation.

ViaEngadget

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

This dangerous new malware is hitting Windows devices by hiding in games

Windows PCs targeted by new malware hitting a vulnerable driver

Steps to take when your phone number is publicly listed online