Security News > 2021 > March > Insurance Giant CNA Hit with Novel Ransomware Attack
A novel ransomware attack forced insurance giant CNA to take systems offline and temporarily shutter its website.
"The attack caused a network disruption and impacted certain CNA systems, including corporate email," according to the statement.
Though the company did not elaborate on the nature of the attack, a report in BleepingComputer said CNA was the victim of a new ransomware called Phoenix CryptoLocker.
Cryptolockers are an oft-used type of ransomware that immediately encrypt files on the machines they attack and demand a ransom from the victims in exchange for the key to unlocking them.
The impact of the group's latest attack was so serious that CNA disconnected its systems from its network "Out of an abundance of caution" and is currently providing workarounds for employees where possible so the company can continue operating to serve its customers, the company said.
Sources familiar with the attack have told BleepingComputer that threat actors encrypted more than 15,000 devices on CNA's network-including those of employees working remotely who were logged onto the company's VPN at the time-when they deployed the new ransomware on Sunday, according to the report.
News URL
https://threatpost.com/cna-hit-novel-ransomware/165044/
Related news
- Massive PSAUX ransomware attack targets 22,000 CyberPanel instances (source)
- North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack (source)
- North Korean govt hackers linked to Play ransomware attack (source)
- City of Columbus: Data of 500,000 stolen in July ransomware attack (source)
- Columbus, Ohio, confirms 500K people affected by Rhysida ransomware attack (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- Halliburton reports $35 million loss after ransomware attack (source)
- New Ymir ransomware partners with RustyStealer in attacks (source)
- New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks (source)
- New 'Helldown' Ransomware Variant Expands Attacks to VMware and Linux Systems (source)