CNA confirms that it sustained a sophisticated ransomware attack on March 21.
In an update posted on its website on April 1, the insurer says it was able to limit the impact of the attack. It explains that by disconnecting its systems from its network, it successfully prevented other systems from being affected.
“Our investigation into this incident has been following a phased approach – containment, remediation, restoration, a forensic examination, and a thorough data review process. We have also activated our business continuity plans to ensure our stakeholders are supported throughout our ongoing investigation,” the insurer’s web site reads.
As a result, the company says it is safe to conduct business with the firm and to communicate with them via email. “CNA has re-established email functionality which is protected by multi-factor authentication and a security platform to help detect and block email threats,” the update explains.
CNA adds that its team deployed additional endpoint detection and monitoring tools for an added layer of security and visibility across its network. “We remain in regular communication with our regulators, clients, brokers, and agents about this process. We expect that there will be a number of other remediation and infrastructure enhancements.”
Rating firm unfazed
Rating firm S&P Global Ratings says CNA’s response to the cybersecurity incident has mitigated its concern about the insurer’s brand reputation and competitive position. This comment applies to its subsidiaries as well, including CNA Canada, the S&P analysts add.
“In addition to committing to extremely strong capital, CNA distinguishes itself by its market-leading position and diverse geographic spread and product offerings, including a sustainable market share in commercial property and professional liability,” says S&P.
CNA has said that it is able to absorb the potential financial consequences of the cyberattack through its cyber insurance coverage, the rating firm adds.