For the second time in a month, we’re hearing about another company being held hostage by hackers and demanding a ransom.
This first happened with Colonial Pipeline which ended up leaving the East Coast without gas at most stations because people panic-bought gas.
Now, Chicago-based CNA Financial, one of the top insurance companies in the United States, reportedly paid a $40 million USD ransom after getting hacked.
According to reports, hackers broke into the company’s network using Phoenix Locker, malware with links to Russia. Once they took over, they locked CNA out. After two weeks, CNA allegedly forked over the money to regain access. The company confirmed the attack but wouldn’t comment on whether or not they’d paid to end it.
“The CNA hackers used malware called Phoenix Locker, a variant of ransomware dubbed ‘Hades.’ Hades was created by a Russian cybercrime syndicate known as Evil Corp., according to cybersecurity experts,” Bloomberg reported. “Evil Corp. was sanctioned by the U.S. in 2019. However, attributing attacks can be difficult because hacking groups can share code or sell malware to one another.”
CNA’s spokeswoman claimed that they “followed all laws, regulations, and published guidance” in handling the situation.
This comes on the heels of a cyberattack against the Colonial Pipeline, which runs between New Jersey and Texas. Colonial Pipeline Company admits to paying the $4.4 million ransom to regain access.
Since President Biden took office, ransomware attacks have steadily increased. Check Point Research reports an increase of 57% in the last six months. When asked about the Colonial Pipeline situation, Biden answered with “No comment.” He did, however, sign an executive order to strengthen cyberattack defenses.
It looks like during the pandemic, computer nerds have a newfound glory and hobby. They must have taken that time to hone in their hacking abilities and have become the pirates of the online world. They certainly are doing a good job of it, but how long will this go on?