Insurance provider CNA Financial has announced it was targeted in a cyber attack, later confirmed as involving the newly identified “Phoenix Cryptolocker” ransomware. Files on more than 15,000 devices were encrypted, including devices of employees working remotely. It is realistically possible that Phoenix Cryptolocker’s operators attacked CNA Financial as a steppingstone to attack its customers covered by cyber insurance policies, or to create a list of customers to potentially target. Organizations covered by cyber insurance are an attractive target for ransomware, because the attackers can tailor the ransom demand to the covered amount and increase the likelihood of receiving payment. Ransomware attacks will highly likely continue, and it is realistically possible that threat groups will continue to attempt supply-chain attacks to distribute ransomware.
A user of the cybercriminal forum RaidForums has offered 533 million records of Facebook user data for only...
Most Recent Flipbooks
Main story: Ransom Cartel and REvil: Partners in cybercrime?
Main story: Hacktivists fan flames of Iranian anti-regime protests
Main story: ProxyNotShell spells déjà vu for MS Exchange Server defenders
Main story: Rogue ex-developer leaks LockBit 3.0 builder
Main story: Uber compromised by Lapsus$'s resurgence
Main story: Cyber attacks shock the Italian energy sector
Main story: Back to school for students and ransomware groups
Main story: LastPass suffers source code data breach
Main story: LockBit under DDoS attack: Entrust strikes back?
Main Story: Cisco defies extortion attempts after network breach
Main story: Cybercriminals scramble for new hiding places after 911 proxy service folds
Main story: Free-to-use Redeemer opens doors for ransomware enthusiasts