In the middle of a pandemic, insurance companies are likely targets for cyberattackers so it’s not surprising that Chubb this week reportedly found itself a victim of the Maze ransomware’s operators, who encrypted the company’s files.
The group put a notice on its news site claiming that it had encrypted the insurance company’s network. If the attackers follow their typical game plan, they already have swiped Chubb’s files and are now threaten to reveal stolen information unless the ransom is paid.
But Chubb said it has "no evidence" that its network was affected and is looking into the incident. “We are currently investigating a computer security incident that may involve unauthorized access to data held by a third-party service provider," Chubb said in a statement sent to SC Media, explaining the company is working with law enforcement and a cybersecurity firm. "Our network remains fully operational and we continue to service all policyholder needs, including claims.” The company said it makes security a priority and will provide update "as appropriate."
The spread of COVID-19 seemingly hasn’t dampened the Maze group’s operations.
“The Maze Ransomware group continues to be active by targeting this insurance company and a British healthcare organization last week. The healthcare organization was working on treating patients for COVID-19,” James McQuiggan, security awareness advocate at KnowBe4, told SC Media. “It appears they are continuously working to gain access to organizations with employees unknowingly opening the front door to the network when they click on a phishing link or open an attachment.”
As the coronavirus forces people inside, they may feel safe at home, says McQuiggan, “but those who are unaware of the COVID 19 phishing scams potentially represent a risk to the organizations and schools” and offers cybercriminals a huge opportunity “to gain access to the email accounts and computers throughout the world.”