Join our subscribers
Cyber Insurance Firm Suffers Sophisticated Ransomware Cyber Attack; Data Obtained May Help Hackers Better Target Firm’s Customers
Monday, April 5, 2021
It also published its forensic investigation report findings. CNA disclosed that the ransomware used during the cyber attack could not automatically propagate through internal and external systems.
Responding to the cyber attack on CNA Financial, Ilia Kolochenko CEO, Founder, and Chief Architect at ImmuniWeb, downplays the risk posed by leaked policyholders’ data.
“I think, today it’s premature to talk about a major spike in attacks targeting insurance firms with a purpose to steal lists of customers who have cybersecurity insurance,” Kolochenko says. “It may appear intuitive to attack victims who have cyber insurance. However, this does not necessarily require hacking into insurance firms.”
He noted that many companies readily disclose having cyber insurance to boost customer and investor confidence.
“Moreover, cybercriminals will unlikely go through lengthy cyber insurance contracts to ferret out which specific incidents are covered and what are the numerous exclusions. This is a laborious process and even the victims cannot be certain of eventual coverage as demonstrated by a surge of litigation for refusal of coverage under different pretexts”
He believes that cybercriminals prefer to spend the least time and effort by targeting low-hanging fruits for a quick payout.
“More sophisticated cyber gangs do carefully select their victims in ransomware campaigns but it’s unlikely whether cyber insurance cover for a victim will play a major role in the process.” Read Full Article
teiss: Booking.com fined €475,000 over delay in reporting a breach
Computing: Booking.com fined €475,000 for late reporting of data breach
