Ransomware is a type of malware that encrypts the victim’s data. Cybercriminals using ransomware also often steal data. The hackers then demanded a payment to unlock the files and promised not to leak the stolen data. In recent years, hackers have targeted victims with cyber insurance policies, and large volumes of sensitive consumer data make them more likely to pay ransoms, according to cybersecurity experts. According to the unnamed source, CNA paid the hackers about two weeks after a bunch of company data was stolen and CNA officials were locked out of its own network. CNA does not comment on the ransom, with a CNA spokesperson saying CNA followed all laws, regulations and guidelines, including OFAC’s 2020 ransomware guide, in handling the matter. CAN also shares attack intelligence and hackers’ identities with the FBI and the Treasury Department’s Office of Foreign Assets Control because facilitating ransom payments to hackers can cause punishment risk. The largest ransom amount Ransomware attacks – and payments in particular – are rarely disclosed so it’s difficult to know what the largest ransom is. The $40 million payout is larger than any previously disclosed payments to hackers. The hackers attacking CNA used malware called Phoenix Locker, a variant of ransomware called ‘Hades.’ According to cybersecurity experts, Hades was created by a Russian cybercrime organization called Evil Corp. Evil Corp. was sanctioned by the United States in 2019. However, identifying attacks can be difficult because hacking groups can share code or sell malware to each other. CNA, which provides cyber insurance, said its investigation concluded that the Phoenix hacker group was not on the US sanctions list. The disclosure of the payment is likely to draw outrage from lawmakers and regulators who are unhappy that US companies are paying large sums of money to criminal hackers who over the past year have targeted hospitals, drug manufacturers, police forces and other entities critical to public safety. The FBI discourages organizations from paying ransoms because it encourages additional attacks and does not guarantee data will be returned. Last year was a standout year for ransomware groups, with a task force made up of security experts and law enforcement agencies estimating that victims paid around $350 million in ransom last year, up 311% compared to 2019. The Task Force suggested 48 actions the Biden administration and the private sector could take to mitigate such attacks, including better regulation of money markets. digital currency used to make ransom payments. The report, prepared by the Institute for Security and Technology, was delivered to the White House days before the Colonial Pipeline Company was compromised in a ransomware attack that resulted in fuel shortages and long lines at stores. gas stations along the US East Coast Bloomberg reported that Colonial paid hackers nearly $5 million shortly after the attack. Colonial CEO Joseph Blount, in an interview with the Wall Street Journal published Wednesday, confirmed that the company paid the hackers – $4.4 million in ransom. According to two people familiar with the CNA attack, the company initially ignored the hacker’s request and attempted to recover the data without negotiating with the criminals. But within a week, the company decided to start negotiating with the hackers, who were demanding $60 million. Residents said the payment was made a week later. According to Barry Hensley, chief intelligence officer at cybersecurity firm Secureworks Corp. then the Phoenix Locker seems to be a variation of Hades based on the overlap of the code used in each. He said they have not yet identified which hackers used the Hades variant to attack CNA. Cybersecurity firm CrowdStrike Holdings Inc believes Hades was created by Evil Corp. to bypass US sanctions against the hacking group. In December 2019, the Treasury Department announced sanctions against 17 individuals and six entities associated with Evil Corp. At the time, the Treasury Department said Evil Corp used malware “to infect computers and collect login information from hundreds of banks and financial institutions in more than 40 countries, causing more than 100 million dollars of theft. “It is illegal for any U.S. company to knowingly pay a ransom to Evil Corp. According to Melissa Hathaway, President of Hathaway Global Strategies and a former cybersecurity adviser to Presidents George W. Bush and Barack Obama, demand for ransomware has grown exponentially over the past six months. Hathaway said the average hacker’s ransom demand is between $50 million and $70 million. Those claims are often negotiable, and companies often pay ransoms in the tens of millions of dollars, in part because cyber insurance policies cover some or all of the costs. Hathaway estimates that the average payout is between $10 and $15 million. Ngoc Linh – According to Insurance Journal

Dressed in blue protective gear and wearing a visor under a bright yellow turban, Jitender Singh Shunty sprayed disinfectant on bodies at the Seemapuri crematorium in northeastern Delhi. He had to act fast because bodies were delivered faster than cremation. The families and friends of those who have died, and those who are trying to find hospital beds and oxygen tanks to save their loved ones, are losing patience. “We are doing all we can to help families have a decent funeral for their loved ones,” he said as he rushed into another ambulance that had just arrived with two bodies. Since the beginning of April, when India suffered a second wave of the outbreak, Jitender Singh Shunty and his 20 volunteers were shocked by the large number of bodies brought in. “Last year we cremated 967 bodies, this month alone we cremated 670 bodies,” he said. Worldometers chart of the high number of infections in India as of May 10. About 20km from Seemapuri, New Delhi, dozens of people were gathering outside Waseem’s gas station. They all have the same question: When will the new oxygen tanks arrive? Waseem is committed to updating information on WhatsApp as soon as it is available. “People are dying from lack of oxygen so I thought I had to do something to help them,” Waseem said. “Someone told me that I would get sick if I kept going out and meeting so many people with Covid-19 relatives. I’m really scared, but if I don’t help them, I’ll be haunted for life.” Waseem added. Not alone As India is trying to find a way to deal with the pandemic, young men and women from all over the country do not hesitate to volunteer to contribute to the fight. They set up apps to solicit support and help, distribute key supplies, and use social media to direct resources to those in need. With two-thirds of its 1.3 billion population under the age of 35, India is a country dominated by young people, but young people have never been called upon to shoulder such enormous responsibilities. Photo: Times of India Swadha Prasad is working with dozens of volunteers – all between the ages of 14 and 19 – as part of the youth-led UNCUT organization, building an online database to gather information. about available medical resources across the country. This is 24/7, with teens constantly working over the phone to verify supplies, update information in real time, and take calls from patient relatives. “Some of us work from midnight to morning, because the calls don’t stop at 3 a.m.,” CNA quoted Prasad, a 17-year-old schoolgirl who worked 14 hours a day from noon the day before to 1 a.m. next morning. It was a long and tiring shift, but this Mumbai resident was still very enthusiastic. “If I could help save a life, I would never say No.” And many Covid-19 victims have been saved. Prasad cites an example where her team was able to deliver oxygen in the middle of the night, saving the life of a young patient desperately waiting for help. “It’s not just about providing resources… sometimes people want to know they’re not alone,” she said. The graph of Worldometers shows the correlation between the number of new infections (yellow) and the number of new recoveries (blue) in India as of April 30. Technology limitations However, in many small Indian towns and villages, technological limitations exacerbate the situation. Urgent requests for resources and spare hospital beds have spurred a large number of Twitter users. 25-year-old software engineer Umang Galaiya solved this problem by writing an app that makes it easy for users to find what they need, and directs their search to verified resources. But even so, his application cannot help many people living outside of big cities because the number of internet users is very small. “If I look for resources in Jamnagar, I get nothing on Twitter,” reflected the young man. And according to this male engineer, the pandemic cannot be controlled without the government. Simple measures still save many lives. For example, authorities could create an online bed registry, which updates automatically in real time, to save distressed patients from running back and forth knocking on the door of each treatment facility. According to the update of statistics page Worldometers, as of noon on May 12, India has recorded more than 23.3 million people infected with Covid-19 and about 254,200 deaths.