AON, a British-American multinational corporation selling financial risk-mitigation solutions, has revealed it was hit with a ransomware attack - or, rather, it was grazed, given that the attack reportedly left no significant impact on the company.
The company filed an 8-K form with the Securities and Exchange Commission (SEC) in which it stated that it was at the receiving end of a ransomware attack on February 25, 2022.
Other than that, it did not provide further details. We don't know if any social engineering, or malware, were used in the attack.
We're looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn't take more than 60 seconds of your time. Thank you for taking part.
Limited number of systems affected
"On February 25, 2022, Aon identified a cyber incident impacting a limited number of systems. Promptly upon its identification of the incident, the Company launched an investigation, and engaged the services of third-party advisors, incident response professionals, and counsel. The incident has not had a significant impact on the Company’s operations," the filing read.
"Although the Company is in the early stages of assessing the incident, based on the information currently known, the Company does not expect the incident to have a material impact on its business, operations or financial condition,” it added.
Among the services AON offers are insurance and re-insurance, which makes it an important target for ransomware operators. Knowing which companies are insured against ransomware attacks makes it easier for threat actors to decide where to strike next, as insured companies are more inclined towards paying the ransom and moving on with their day.
The last time an insurance enterprise was targeted was in 2021, when Evil Corp hit CNA, allegedly asking for $40 million in cryptocurrencies, in exchange for a master decryption key for its endpoints nd to not leak stolen data online.
AON was formed when Ryan Insurance Group merged with Combined Insurance Company of America, in 1982, and was renamed five years later, in 1987. It is incorporated in Ireland, but headquartered (and listed) in the States. As of 2021, it has offices in 120 countries around the world, employing roughly 50,000 people.
- You might also want to check out our list of the best firewalls right now
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.