CNA is one of the largest commercial property and casualty companies in the U.S. This Chicago-based insurance company experienced one of the most 'sophisticated ransomware attacks' in recent history. Ransomware is a malicious software designed to capture a website until money is paid to restore its functionality. In this case, the CNA site was reduced to a static display. It is still unclear if there was any damage to business partners and customers. Ransomware is a threat to all networks and can cause data loss, privacy issues, and is costing firms billions of dollars a year according to the federal Cybersecurity and Infrastructure Security Agency. The CNA site was down for two weeks and after installing additional security software, functionality has been partially restored.
While information technology has advanced business and society, the risks associated with both internal and external hackers can disrupt business operations, as in the case of CNA, and create negative consequences through breaches in privacy.
CNA is still working with law enforcement and forensic experts to investigate any damage to customers and other stakeholders. CNA will notify customers and other impacted parties to restore their trust. While the ransomware attack was the act of a criminal, the firm has an ethical responsibility to be transparent and report exactly what happened and any potential negative consequences to the public. So far, it appears that CNA has handled the situation as well as possible given the design and implementation of the ransomware. CNA followed a 'phased approach' with containment, remediation, restoration, and a complete forensic investigation. The company responded quickly due to a business continuity that ensured all stakeholders were supported throughout the attack and recovery.