Insurance Firm CNA Pays $40m To Ransomware Criminals

The ransomware scourge continues to bring in lucrative returns for the criminal gangs operating the cyberattacks, according to a recent report.

According to Bloomberg, CNA Financial, one of the largest US insurance companies, paid $40 million to free itself from a ransomware attack that occurred in March.

The hackers stole data from the Chicago-based insurance giant, and initially demanded a $60 million ransom. Bloomberg reported that negotiations started about a week after some of CNA’s systems were encrypted, and the insurance company paid the ‘lower sum’ of $40 million a week later.

Huge payout

If this $40 million ransomware pay out is confirmed, it will be one of the world’s highest ransom payouts that has been publicly disclosed.

It should be noted ransomware demands in the millions is not unusual.

Apple and Acer had data compromised earlier this year, and each were asked for a $50 million ransom.

For its part, CNA told Bloomberg that it wouldn’t comment on the ransom, but that it had “followed all laws, regulations, and published guidance, including OFAC’s 2020 ransomware guidance, in its handling of this matter.”

In an update from 12 May, CNA reportedly said it believes its policyholders’ data was unaffected.

According to Bloomberg, the ransomware that locked CNA’s systems was Phoenix Locker, a derivative of another piece of malware called Hades.

Hades was allegedly created by the Russia-based gang Evil Corp.

Earlier this month British Foreign Secretary Dominic Raab warned Russia that it cannot continue to shelter criminal gangs carrying out ransomware attacks on Western nations.

Colonial pipeline

Another major ransomware hack took place this month when Colonial Pipeline was attacked by DarkSide, causing widespread fuel shortages on the US east coast.

Indeed, so serious was the attack that the US government engaged emergency powers and US President Joe Biden received “personal briefings” about the cyberattack.

The Colonial Pipeline runs between Texas and New Jersey and is 5,500 mile long.

It was soon reported that Colonial Pipeline had paid DarkSide $5 million in ransom, but CEO Joseph Blount later admitted paying DarkSide a ransom of $4.4 million.

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Apple, Google Mobile Ecosystems Should Be Investigated, CMA Told

CMA receives 'provisional recommendation' from independent inquiry that Apple,Google mobile ecosystem needs investigation

2 days ago

Australia Rejects Elon Musk Claim About Social Media Ban For Under-16s

Government minister flatly rejects Elon Musk's “unsurprising” allegation that Australian government seeks control of Internet…

2 days ago

Northvolt Files For Bankruptcy Protection In US

Northvolt files for Chapter 11 bankruptcy protection in the United States, and CEO and co-founder…

2 days ago

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

3 days ago

Former Policy Boss At X, Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

3 days ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

3 days ago