Jack O'Sullivan
May 21 2021
One of the US’s biggest insurance companies paid $40 million to a ransomware gang
If you thought the $4+ million payout that Colonial Pipeline surrendered to DarkSide was a lot, please look away now. CNA Financial - one of the largest insurance companies in America, paid an eye-watering $40 million to be free of a cyber-attack that encrypted the company's systems. The threat actors initially demanded $60 million though, so perhaps CNA Financial actually got a bargain?
On a serious note though; we're really starting to see ransom demands creep up to higher and higher sums. Our advice (as well as the advice of law enforcement) has always been to not pay the ransom - it only encourages hackers to continue targeting organisations, deploying ransomware, and demanding higher and higher sums. Read more here.
More details emerge from Colonial Pipeline's ransomware attack
The situation with one of America's most vital pipelines continues to cause a stir, and right now, it's no longer because of DarkSide. Colonial Pipeline's CEO has confirmed that the organisation did pay a sum of over $4 million to the DarkSide hacking group that targeted their systems with ransomware. What's interesting though, is that the pipeline being shut down wasn't actually DarkSide's doing, it was Colonial's.
DarkSide didn't target Colonial Pipeline's critical energy infrastructure, just their billing system - which explains why the ransomware gang made the unusual move of apologising for "creating problems for society" when fuel shortages started to cause problems in the US. It's understandable though, that Colonial's first move was to shut everything down once it was clear that hackers had accessed some of their systems. The pipeline is functioning normally again, but Colonial is still having problems billing customers. Read more here.
Should companies be banned from paying ransoms to hackers?
Cybersecurity companies and law enforcement worldwide always give the same advice: don't pay the ransom. However, for an organisation that's been attacked with ransomware, so its systems have been encrypted, staff are panicking, and reputation is going down the toilet, etc - it's understandable that business leaders may want to give in, pay the ransom, and make it all go away. But what happens when that's no longer an option?
What can only be described as a cyber-crime spree has been wreaking havoc around the world over the course of the pandemic, but especially this year. Organisations of all sizes and from all sectors have been targeted; big finance giants like AXA, critical utilities like Colonial Pipeline's fuel transport and Florida's water treatment facility, countless healthcare organisations - including care homes and Ireland's HSE, not to mention numerous local councils and UK universities. It's safe to say that hackers are running riot at the moment, and very few have to face the consequences.
All this chaos has reignited calls for governments to make paying off ransomware gangs completely illegal, therefore taking the financial gain out of targeting organisations. The question is though: will it work? Read more here.
Want the latest technology news? Check out our Twitter page for upcoming tech world developments and data breach news, or get in contact with a member of our team to see how our security services can keep your organisation out of the headlines.