Cyber insurance giant CNA paid out $40 million to its ransomware attackers
Back in March, insurance firm CNA Hardy had much of its IT system knocked out by a ransomware attack, and sensitive data stolen.
And what’s also pretty ugly is that Bloomberg Sign up to our newsletter Security news, advice, and tips.
As security researcher Kevin Beaumont adroitly points out on Twitter, it’s makes one raise an eyebrow at some of the things CNA Hardy has said in the past on the topic of ransomware.
“A ransomware attack can have a devastating impact on business. Developing a breach plan and knowing what steps to take in the event of an attack could help save a business.” – Brian Robb, CNA.
(According to his LinkedIn profile, Robb left CNA Hardy last month to start a job as head of cyber at a different insurance firm. One imagines it might have looked better on his resume if he had moved on before the ransomware attack occurred, but never mind. Timing is everything.)
Meanwhile, CNA Hardy says that all of its cyber policy holders automatically get something called CNA CyberPrep. What’s that you ask?
