CNA updates system restoration efforts after ransomware attack

The cyberattack that crippled CNA Financial Corp.’s computer systems nearly two weeks ago has been contained and the insurer has reestablished the functionality of its email, according to an update posted to the CNA website Thursday.

The website remains down, other than messages posted to the homepage.

CNA said in the update that the malware used against it “does not contain the ability to automatically spread to any internal or external systems.”

The restored email system is protected by multifactor authentication and other security measures have been implemented, the statement said.

“We are working as diligently and as quickly as possible to fully resume normal operations,” the statement said.

CNA disclosed last month that it had disconnected its systems after suffering a “sophisticated cybersecurity attack.” The ransomware attack was carried out by a hacker group known as Phoenix.