Insurance provider CNA Financial has announced it was targeted in a cyber attack, later confirmed as involving the newly identified “Phoenix Cryptolocker” ransomware. Files on more than 15,000 devices were encrypted, including devices of employees working remotely. It is realistically possible that Phoenix Cryptolocker’s operators attacked CNA Financial as a steppingstone to attack its customers covered by cyber insurance policies, or to create a list of customers to potentially target. Organizations covered by cyber insurance are an attractive target for ransomware, because the attackers can tailor the ransom demand to the covered amount and increase the likelihood of receiving payment. Ransomware attacks will highly likely continue, and it is realistically possible that threat groups will continue to attempt supply-chain attacks to distribute ransomware.
A user of the cybercriminal forum RaidForums has offered 533 million records of Facebook user data for only...
Most Recent Flipbooks
Main story: Attackers seize Microsoft zero-day for malware dissemination, espionage
Main story: REvil REturns with new data-leak site
Main story: Russian cyber attacks on Ukraine: Where’s the boom?
Main story: Karakurt Hacking Team moonlights as Conti side business
RaidForums takedown sends cybercriminals scrambling
Carbanak group’s evolution extends to ransomware
Q1 2022: What happened and what lies ahead
Maverick extortionist group Lapsus$ goes after big tech
US executive order pushes for responsible cryptocurrency use
The Russia-Ukraine war has triggered a resurgence of hacktivism around the world
The US government has issued an alert about the Iran-linked "MuddyWater" advanced persistent threat group
Conti ransomware group aims to ascend with new tools, structure
US DoJ arrests shine light on ease and impact of cryptocurrency laundering