AON, a British-American multinational corporation selling financial risk-mitigation solutions, has revealed it was hit with a ransomware attack - or, rather, it was grazed, given that the attack reportedly left no significant impact on the company.
The company filed an 8-K form with the Securities and Exchange Commission (SEC) in which it stated that it was at the receiving end of a ransomware attack on February 25, 2022.
Other than that, it did not provide further details. We don't know if any social engineering, or malware (opens in new tab), were used in the attack.
We're looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn't take more than 60 seconds of your time. Thank you for taking part.
>> Click here to start the survey in a new window (opens in new tab) <<
Limited number of systems affected
"On February 25, 2022, Aon identified a cyber incident impacting a limited number of systems. Promptly upon its identification of the incident, the Company launched an investigation, and engaged the services of third-party advisors, incident response professionals, and counsel. The incident has not had a significant impact on the Company’s operations," the filing read.
"Although the Company is in the early stages of assessing the incident, based on the information currently known, the Company does not expect the incident to have a material impact on its business, operations or financial condition,” it added.
Among the services AON offers are insurance and re-insurance, which makes it an important target for ransomware operators. Knowing which companies are insured against ransomware attacks makes it easier for threat actors to decide where to strike next, as insured companies are more inclined towards paying the ransom and moving on with their day.
> Asustor NAS devices hit by Deadbolt ransomware attack (opens in new tab)
> Meyer hit by ransomware attack, thousands of employees affected (opens in new tab)
> Mizuno hit by ransomware attack, delaying customer orders (opens in new tab)
The last time an insurance enterprise was targeted was in 2021, when Evil Corp hit CNA, allegedly asking for $40 million in cryptocurrencies, in exchange for a master decryption key for its endpoints (opens in new tab) nd to not leak stolen data online.
AON was formed when Ryan Insurance Group merged with Combined Insurance Company of America, in 1982, and was renamed five years later, in 1987. It is incorporated in Ireland, but headquartered (and listed) in the States. As of 2021, it has offices in 120 countries around the world, employing roughly 50,000 people.
- You might also want to check out our list of the best firewalls (opens in new tab) right now
Via: BleepingComputer (opens in new tab)