Breach Notification , Incident & Breach Response , Managed Detection & Response (MDR)
Insurer CNA Disconnects Systems After 'Cybersecurity Attack'
Investigation Continues; Law Enforcement Officials NotifiedInsurance provider CNA reported Tuesday it was victimized over the weekend by a "cybersecurity attack" that caused a network disruption and affected certain systems, including corporate email.
See Also: Effective Communication Is Key to Successful Cybersecurity
"Out of an abundance of caution, we have disconnected our systems from our network," the company says in a notice posted on its homepage. "We've notified employees and provided workarounds where possible to ensure they can continue operating and serving the needs of our insureds and policyholders to the best of their ability."
The company, which says the attack was discovered Sunday, has set up a phone number and new email for customers who need to file claims while its systems are not operational.
CNA says it has hired a forensics expert to handle the investigation and determine the full scope of the incident's impact. The company also notes it has alerted law enforcement officials.
The insurer did not immediately respond to Information Security Media Group's request for additional information.
Prime Targets
Chris Clements, vice president of solutions architecture for the security firm Cerberus Sentinel, says insurers and other service providers are prime targets for attacks.
"I expect to see service providers increasingly targeted by cybercriminals," he says "After all, why spend time trying to compromise a hundred different companies individually when you can compromise them all at once by targeting their provider?
Chicago-based CNA has 5,800 employees and generated $10.8 billion in revenue in 2020, according to Google Finance. It sells specialized property and casualty insurance products and services for businesses and professionals.
String of Attacks
CNA is one of several companies that have reported cyber incidents over the weekend.
Canadian IoT device manufacturer Sierra Wireless reported Tuesday it had suffered a ransomware attack over the weekend, forcing it to halt production. The company's website remained offline Wednesday afternoon.
Also over the weekend, PC maker Acer was reportedly hit by a ransomware attack.