The CNA Center in Chicago. (Antoine Taveneaux, CC BY-SA 3.0 https://creativecommons.org/licenses/by-sa/3.0, via Wikimedia Commons)
Insurance firm CNA Financial, a prominent provider of cyber insurance, confirmed a cyberattack against its systems, which has some concerned that cybercriminals may target policyholders.
Cybercriminals generally know that companies represented by a cyber insurance company are more likely to pay a large ransomware demand than an uninsured business that doesn’t have the financial backing.
It is currently unclear as to what client information may have been compromised in the attack against the Chicago-based firm, with roughly $10 billion in annual revenue. But gaining illegal access to a cyber insurance firm’s records could give the perpetrators insights into the negotiating tactics of the insurance company, and what current clients might be willing and able to shell out if a future attack occurs.
“The theft of customer policies is the Sword of Damocles that has been hanging over the cyber insurance industry since its inception,” said Aaron Portnoy, principal scientist at Randori. “The profit that ransomware groups can extort from a target has historically started as an educated guess, modif ..
Support the originator by clicking the read the rest link below.
