6. CNA disconnected systems after March cyberattack
Posted On: Dec. 28, 2021 7:38 AM CST
The rise in ransomware attacks over the past year hit some cyber liability insurers from multiple directions.
CNA Financial Corp. said in March it had been the target of a “sophisticated cybersecurity attack” that led it “out of an abundance of caution” to disconnect certain systems from its network. The story detailing the attack was the sixth most read risk management-related story on Business Insurance’s website in 2021.
The insurer alerted law enforcement and brought in a team of third-party forensics experts to investigate and determine the incident’s full scope.
That was far from the end of the matter, however. It was not until two weeks later that CNA said its website was functioning again and that its corporate email system had been restored. The attack was reported to have been carried out by a hacker group known as Phoenix.
The insurer reportedly paid $40 million to regain control of its system after it initially ignored the hacker’s demand for a $60 million ransom, then started negotiations within a week.
CNA said insurance would not cover all its losses from the attack, and that it would incur higher cybersecurity insurance costs in the future.