CNA Ins. Cyber Attack- Expert Comments

By   ISBuzz Team
Writer , Information Security Buzz | Mar 25, 2021 04:11 am PST

CNA Insurance has undergone a cyberattack that has disrupted their network. The attack was determined on March 21 and CNA has since posted a statement on their website. Excerpt:

“On March 21, 2021, CNA determined that it sustained a sophisticated cybersecurity attack. The attack caused a network disruption and impacted certain CNA systems, including corporate email.”

“Upon learning of the incident, we immediately engaged a team of third-party forensic experts to investigate and determine the full scope of this incident, which is ongoing. We have alerted law enforcement and will be cooperating with them as they conduct their own investigation.”

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Saryu Nayyar
Saryu Nayyar , CEO
InfoSec Expert
March 25, 2021 12:12 pm

<p>There is little information about the attack against CNA insurance as yet, but insurance agencies are a tempting target for cybercriminals.  If an attacker can extract a list of clients who have cyber-attack insurance, those clients in turn become inviting targets themselves.  Since they have insurance they are seen as more likely to pay off a ransom. It\’s a win-win for the attackers and a lose-lose for everyone else.</p> <p> </p> <p>Organizations need to up their cybersecurity game if they don\’t want to become a victim themselves.  There is more to it than checking the boxes so they can get insurance.  They need to implement best practices and take cybersecurity seriously.  It needs to be ingrained in process, policy, and company culture.  And that needs to be backed up with best in breed security solutions, such as security analytics, that can blunt an attack when malicious actors get past the perimeter.</p>

Last edited 2 years ago by Saryu Nayyar

Recent Posts

Would love your thoughts, please comment.x