Insurance giant AON hit by cyberattack

AON, a British-American multinational corporation selling financial risk-mitigation solutions, has revealed it was hit with a ransomware attack – or, rather, it was grazed, given that the attack reportedly left no significant impact on the company.

The company filed an 8-K form with the Securities and Exchange Commission (SEC) in which it stated that it was at the receiving end of a ransomware attack on February 25, 2022.

Other than that, it did not provide further details. We don’t know if any social engineering, or malware, were used in the attack.

TechRadar needs you!

We’re looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn’t take more than 60 seconds of your time, and entrants from the UK and US will have the chance to enter a draw for a £100 Amazon gift card (or equivalent in USD). Thank you for taking part.

>> Click here to start the survey in a new window

Limited number of systems affected

“On February 25, 2022, Aon identified a cyber incident impacting a limited number of systems. Promptly upon its identification of the incident, the Company launched an investigation, and engaged the services of third-party advisors, incident response professionals, and counsel. The incident has not had a significant impact on the Company’s operations,” the filing read.

“Although the Company is in the early stages of assessing the incident, based on the information currently known, the Company does not expect the incident to have a material impact on its business, operations or financial condition,” it added.

Among the services AON offers are insurance and re-insurance, which makes it an important target for ransomware operators. Knowing which companies are insured against ransomware attacks makes it easier for threat actors to decide where to strike next, as insured companies are more inclined towards paying the ransom and moving on with their day.

> Asustor NAS devices hit by Deadbolt ransomware attack

> Meyer hit by ransomware attack, thousands of employees affected

> Mizuno hit by ransomware attack, delaying customer orders

The last time an insurance enterprise was targeted was in 2021, when Evil Corp hit CNA, allegedly asking for $40 million in cryptocurrencies, in exchange for a master decryption key for its endpoints nd to not leak stolen data online.

AON was formed when Ryan Insurance Group merged with Combined Insurance Company of America, in 1982, and was renamed five years later, in 1987. It is incorporated in Ireland, but headquartered (and listed) in the States. As of 2021, it has offices in 120 countries around the world, employing roughly 50,000 people.

You might also want to check out our list of the best firewalls right now

Via: BleepingComputer