Insurer Aon falls victim to a cyber attack

Insurance broker Aon falls victim to a cyber attack


Aon's ability to serve customers has not been impacted by this incident, the company says

Global insurance broker Aon said on Monday that it is investigating a cyber incident impacting some of its systems.

In an 8-K filing with the US Securities and Exchange Commission (SEC), the world's second-largest insurance brokerage said that on February 25 it identified the incident, which impacted a limited number of systems.

As a result, the firm initiated an enquiry and hired third-party advisers, crisis response specialists and counsel.

So far, Aon claims that the cyberattack has had no effect on the company's operations and that it remains 'focused on our clients'.

It added that Aon's ability to serve customers has not been affected by this incident.

Aon is a multinational professional services firm that provides a wide range of solutions in areas such as business insurance, reinsurance, healthcare insurance, risk, cybersecurity consulting and wealth management.

It employs around 50,000 people across 120 countries and generated $12.2 billion in sales last year.

Because insurance firms and brokers, such as Aon, hold a lot of sensitive data on companies affected by cybercrime, including victims' identities and key details about attack strategies, they are vulnerable to cyberattacks, particularly by ransomware gangs.

Last year, an alleged member of the notorious ransomware gang REvil divulged details about the group's activity, stating that targeting organisations with cyber insurance was "one of the tastiest morsels" for REvil operators.

The individual said that REvil operatives like to hack insurers first. After working through the insurer's customer list, they return to hit the company with a destructive attack.

In 2021, several large insurance firms, including CNA, AXA and Pan-American Life, disclosed cybersecurity incidents.

The Evil Corp cybercrime syndicate targeted the American cyber insurance provider CNA Financial in a ransomware attack in March 2021. The firm reportedly paid hackers $40 million (£30 million) to decrypt its data and restore its systems.

Ransomware gangs have grown increasingly sophisticated in recent years; they are investing time and money to hone their skills and tools, which has made insurers worried about their profits.

Insurers say some attackers even check whether potential victims have policies that would make them more likely to pay a ransom.

The Aon cyberattack comes amid global concerns about aggressive cyber activity in the aftermath of the Russian invasion of Ukraine. Several hacker groups have come forward in recent days to announce their support for one of the two sides.

Last week, the Conti ransomware group posted a message declaring its full support for President Vladimir Putin's decision to attack Ukraine. It warned that if anyone planned a cyberattack or any war operations against Russia, the group would use all available resources to strike back against an enemy's crucial infrastructures. However, its messaging server was infiltrated by a Ukrainian security researcher, who sent the logs to journalists.

The Anonymous hacker collective said it would support Western allies and attack Russian operations.

It is unclear whether the Aon cyberattack is connected to the Russia-Ukraine conflict.