Japan’s highest-earning property and casualty insurance group Tokio Marine disclosed that its Singapore branch was attacked by ransomware;
Several large insurance companies have been hit by ransomware this year, and a representative of the REvil ransomware group said insurance companies have become attractive targets for ransomware attackers.
A few days ago, Japanese multinational insurance company Tokio Marine Holdings disclosed that its Singapore subsidiary, Tokio Marine Insurance (TMiS), was hit by a ransomware attack.
The announcement, made earlier this week, contained few details of the incident other than disclosing the response.
The attack has little impact
As Japan’s highest-paid property and casualty insurance group, Tokio Marine is undoubtedly an attractive target for cybercriminals. They have also been looking for viable loopholes, hoping to squeeze money out of Tokio Marine’s customers.
Tonkin Marine pointed out that the ransomware attack mainly affected its Tokio Marine Insurance branch in Singapore, and other companies of the group in Singapore were not affected.
It is unclear when or how the attack was launched or what the consequences were. But the Singapore branch implemented a network isolation immediately after discovering the problem, and notified local government agencies.
The parent company said it could “confirm that there is no indication that any of the group’s customer or confidential information has been compromised.”
Currently, most ransomware attacks are also accompanied by data breaches, with more and more attackers stealing sensitive files from victim networks before encryption.
However, Tonkin Marine has brought in a third-party agency to conduct systematic analysis and assess the impact of the attack.
The company disclosed the incident in Japanese and English on its official website, and apologized to its customers for “all inconveniences and concerns caused”.
Insurance companies are major targets
Tim Starks of foreign media CyberScoop said that Tokio Marine is the second insurance company to announce a cyber attack this week. On Monday, Ryan Specialty Group said it detected unauthorized access to some employee accounts in April.
In addition, several other large insurance companies fell victim to ransomware attacks earlier this year.
In March, CNA Financial Corporation, the seventh-largest commercial insurer in the United States, was hit by the Phoenix CrypotoLocker ransomware attack, which also stole files containing customer information.
In May, the Avaddon ransomware gang attacked AXA branches in Thailand, Malaysia, Hong Kong and the Philippines and claimed to have successfully stolen 3 terabytes of data.
Earlier, a representative of the REvil ransomware gang was also interviewed by Recorded Future intelligence analyst Dmitry Smilyanets, and admitted that insurance companies have become attractive targets for ransomware attackers.
The representative, codenamed “Unknown,” declared that insurance companies were “the most tender and juicy delicacy.” They can reach the insurance company’s customer base through hacking attacks, and use the customer as a threat to put pressure on the insurance company.
“Yes, they are the most tender and juicy delicacy. The best way is to hack the insurance company first, reach their customer base and collect targeted attacks accordingly. Once you have a strategy in place, you can launch the insurance company. impact.”
The Links: SKKD 75F12 G185XW01-V0