Billion-Dollar Insurance Firm CNA Falls Victim to ‘Sophisticated’ Hack

If 2020 was the biggest year ever for hackers, 2021 is doing its best to surpass it. CNA is the latest proof. The massive Chicago-based insurance firm has succumbed to what it’s calling a “sophisticated attack.”

The company has powered down its website as a result.

This is the latest of a multitude of ‘sophisticated’ attacks as hackers seem to have become emboldened by the pandemic.

CNA Becomes the Latest Hacking Victim

CNA does not lack the funds to protect themselves. According to The Chicago Tribune, the insurance giant employs 5,800 employees worldwide and raked in $10.8 billion in revenue last year.

And that’s likely what made them such a prized-target.

Hackers have been hunting larger and larger fish, usually with the hope of securing a larger bounty.

The compromised www.cna.com has been reduced to a statement on the recent attack. The home page simply states that it suffered a “sophisticated attack” that “caused a network disruption.” The company’s corporate email has been compromised and the company has disconnected their systems from their network “out of an abundance of caution.”

CNA’s front page has been modified to address the attack. | Source: Twitter

CNA said that they would be notifying their clients and policyholders directly if their data was compromised.

The insurance firm says it has alerted authorities and “engaged a team of third-party forensic experts.”

Another major insurance-based firm in the Chicago area, Gallagher Bassett Services Inc, was also recently hacked. These companies are just two of the many companies that have been infiltrated in recent months.

A Steady Stream of Hacks

The CNA attack comes on the heels of one of the most ambitious ransomware hacks ever. Prolific hacker group REvil recently infiltrated the Taiwanese computer manufacturing company Acer. They’re now holding a ransom of up to $100 million over its head.

See also  Microsoft Exchange Hack Could Be Even Worse Than SolarWinds

That would make it the largest ransomware attack that we know of up to this point.

REvil says it will double its ransom if Acer doesn’t pay by their deadline. | Source: Twitter

And that’s just the tip of the iceberg. 2020 & 2021 have hosted a slew of the most sophisticated plots ever seen in the history of cybercrime.

The Microsoft Exchange hack and the SolarWinds breach are chief among them. Both are thought to be state-sponsored efforts funded by ill-intentioned countries (China and Russia, in these cases).

After bold proclamations by the Biden administration, the United States is still scrambling to improve its cybersecurity. Hopefully, this latest wake-up call is heard loud and clear.

If you think you or your business has been hacked, or you want to take preventative measures, reach out to us immediately.

Featured image by Gorodenkoff via Shutterstock.com