Log in
E-mail
Password
Show password
Remember
Forgot password ?
Become a member for free
Sign up
Sign up
New member
Sign up for FREE
New customer
Discover our services
Settings
Settings
Dynamic quotes 
OFFON

CNA FINANCIAL CORPORATION

(CNA)
  Report
SummaryQuotesChartsNewsRatingsCalendarCompanyFinancialsConsensusRevisions 
SummaryMost relevantAll NewsAnalyst Reco.Other languagesPress ReleasesOfficial PublicationsSector newsMarketScreener Strategies

CNA Financial : ABA-Ransomware Attacks Ramp Up

09/10/2021 | 03:51am EDT

In March 2021, CNA Financial Corp.-one of the nation's largest insurance companies-paid $40 million in the wake of a ransomware attack that crippled its network, according to a Bloomberg report.

A few months later, cybercriminals targeted the Colonial Pipeline, which supplies fuel to much of the East Coast, with a ransomware attack that led to Colonial paying out almost $5 million.

SVP Paul Benda hosts the weekly ABA Pandemic Update podcast.

These instances are just two high-profile examples of a growing problem: the proliferation of ransomware and extortion-ware. These types of cyberattacks occur when cyber criminals use malware to encrypt files on a device or information on a network, rendering them unusable. Criminals then demand payment in exchange for decryption.

Over the past several years, ransomware attacks have grown in scope and scale, and are now targeting critical infrastructure entities, including financial services providers. In fact, it's estimated that a new ransomware attack is detected every 11 seconds.

According to an eWeek security analysis, more than half of companies faced ransomware attacks and of those, 26 percent paid the requested ransom. Even if companies choose not to pay, ransomware attacks can still be costly and devastating. For example, after the University of Vermont Health Network was compromised by ransomware in June 2021, it lost an estimated $63 million in the process of rebuilding its network infrastructure and restoring compromised hard drives.

Unfortunately, even for those that do pay, obtaining a decryption key is not a panacea-firms must still conduct testing on every machine and network endpoint to ensure that the malware has been successfully removed. One global survey of 5,400 IT decision makers found that around half of those who paid ransom recovered just 65 percent of the encrypted data compromised in the attack. Another 29 percent said they only recovered half of the data.

The staggering cost and increasing frequency of ransomware attacks would seemingly make the case for cyber insurance-but, surprisingly, anecdotal evidence suggests that a majority of financial institutions are not cyber-insured. And with cyberattacks on the rise, the cost of cyber insurance is also increasing, and ransom payments as an insurable risk may not be sustainable in the long run.

The federal government has taken several steps to address the growing problem of ransomware, including establishing a new Department of Justice task force that centralizes the DOJ's efforts to track cyberattacks and digital extortion schemes. FBI Director Christopher Wray even went so far as to compare the threat of ransomware to the terror threat that followed in the wake of 9/11.

'There are a lot of parallels, there's a lot of importance, and a lot of focus by us on disruption and prevention,' Wray told the Wall Street Journal. 'There's a shared responsibility, not just across government agencies but across the private sector and even the average American.'

Banks can find information on ransomware by visiting a new, dedicated website created by the Cybersecurity and Infrastructure Security Agency, cisa.gov/stopransomware. The site provides resources to help evaluate risk and harden systems against potential attacks. It also includes a reporting portal that banks and other companies can use to report cyber incidents to the appropriate authorities.

In addition to these efforts, bank regulators have issued a notice of proposed rulemaking that would direct banks to notify their federal regulator within 36 hours after developing a good-faith belief of a 'computer security incident' that will materially disrupt, degrade or impair banking operations. Importantly, this would not replace Gramm-Leach-Bliley consumer data breach notice requirements. Additionally, the rule places a burden on a bank's third-party providers to provide immediate notice to a bank of a disruptive incident.

While this proposal is a step toward ensuring clarity and consistency around the reporting of cyber incidents, ABA raised concerns that as written the definition of 'computer security incident' is overly broad and recommended targeted changes before the rule is finalized-which is not expected until the end of 2021. ABA also continues to monitor legislative activity around ransomware and the prevention of cyberattacks and will continue to update members as new developments arise.

Government efforts aside, now is the time for banks to take steps to ensure their cyber preparedness and review best practices for securing their data infrastructure. Extra vigilance today can help prevent a costly incident tomorrow.

(C) 2021 Electronic News Publishing, source ENP Newswire

All news about CNA FINANCIAL CORPORATION
09/10CNA FINANCIAL : ABA-Ransomware Attacks Ramp Up
AQ
09/03CNA FINANCIAL : Change in Directors or Principal Officers, Financial Statements and Exhibi..
AQ
09/03CNA Financial Corporation Announces CFO Changes
CI
08/30FACTBOX-Stocks to watch as Ida takes toll on Louisiana, Mississippi
RE
08/27CNA FINANCIAL : Fitch Affirms CNA Financial's Ratings; Outlook Stable
AQ
08/13CNA FINANCIAL CORPORATION : Ex-dividend day for
FA
08/12CNA Appoints Dieter Korte as Senior Vice President, Middle Market
CI
08/10CDW : Names Al Miralles Chief Financial Officer
MT
08/09CNA FINANCIAL : Says CFO Resigned to Pursue Tech Career, Names Interim Successor
MT
08/09CNA FINANCIAL CORP : Change in Directors or Principal Officers, Financial Statements and E..
AQ
More news
Analyst Recommendations on CNA FINANCIAL CORPORATION
More recommendations
Financials (USD)
Sales 2021 7 808 M - -
Net income 2021 1 144 M - -
Net Debt 2021 - - -
P/E ratio 2021 10,7x
Yield 2021 5,98%
Capitalization 12 186 M 12 186 M -
Capi. / Sales 2021 1,56x
Capi. / Sales 2022 1,43x
Nbr of Employees 5 800
Free-Float 99,1%
Chart CNA FINANCIAL CORPORATION
Duration : Period :
CNA Financial Corporation Technical Analysis Chart | CNA | US1261171003 | MarketScreener
Technical analysis trends CNA FINANCIAL CORPORATION
Short TermMid-TermLong Term
TrendsBullishNeutralNeutral
Income Statement Evolution
Consensus
Sell
Buy
Mean consensus HOLD
Number of Analysts 3
Last Close Price 44,91 $
Average target price 48,00 $
Spread / Average Target 6,88%
EPS Revisions
Managers and Directors
Dino E. Robusto Chairman & Chief Executive Officer
Larry A. Haefner Chief Financial Officer
Jane Possell Chief Information Officer & Senior Vice President
Gerald Sydney Haase Chief Operating Officer & Executive Vice President
Garrett Williams Chief Compliance Officer & Senior Vice President
Sector and Competitors
1st jan.Capi. (M$)
CNA FINANCIAL CORPORATION15.27%12 306
AMERICAN INTERNATIONAL GROUP, INC.52.91%49 841
THE TRAVELERS COMPANIES10.88%38 831
THE ALLSTATE CORPORATION14.66%37 481
TOKIO MARINE HOLDINGS, INC.16.26%36 978
SAMPO OYJ31.99%29 346