Reports have emerged that in late March, US insurance company CNA Financial paid hackers $40 million to escape ransomware damage.
According to the reports, for two weeks a large volume of CNA Financial's business information was held hostage and its employees lost access to the internal network. The incident is reminiscent of the ransomware attack on Colonial Pipeline, which recently left parts of the United States out of fuel, but Colonial Pipeline paid a ransom of $4.4 million. The amount CNA Financial is reported to have paid is nine times higher than this.
CNA Financial did not disclose the ransom amount and said that it responded to the issue in accordance with all laws and regulations and the 2020 Ransomware Response Guidelines issued by OFAC, the Office of Foreign Assets Control of the U.S. Department of the Treasury.
The ransomware that attacked CNA Financial is called Phoenix Locker, a Hades variant created by Evil Corp, a Russian hacker group. Evil Corp is also known to be related to WastedLocker, the malware involved in the 2020 Garmin ransomware attack. However, it is unknown whether the hacker group that attacked CNA Financial is related to Evil Corp.
Ransomware is code that, once it gets into a corporate network as an e-mail attachment, spreads from one PC on the network to the next, encrypts each PC's storage, makes the screen impossible to operate, and demands money in exchange for the decryption key. The damage is increasing every year. In the past, many attacks targeted public institutions or hospitals with weak security, but attackers seem to have recently turned their aim toward ordinary companies, probably out of concern about human casualties when infrastructure facilities or hospital functions are paralyzed. This year the game industry was hit as well: CD Projekt Red, the developer of Cyberpunk 2077, suffered an attack that resulted in large-scale leaks of source code for various titles and delays in major bug-fix updates.