[BreachExchange] Ransomware Infects Main Server of Large Insurance Company in Oman

[Destry Winant]

https://securityboulevard.com/2020/01/ransomware-infects-main-server-of-large-insurance-company-in-oman/

A ransomware attack has hit Oman United Insurance Company
SAOG, one of the largest insurers in Oman, but operations apparently remain
unaffected.

Finance is one of the sectors most targeted by hackers, including
banks, fintech firms, or insurance companies. One way to compromise a financial
organization is with ransomware, and this is exactly what happened with Oman
United Insurance Company SAOG.

The company notified the Capital Market Authority that
bad actors attacked their main server on January 1, 2020, and managed to
encrypt some data. However, it released no specific information to the public.

“The main server was hit and some data was also infected
and encrypted,” said
a spokesperson for The Oman Daily Observer. “The company lost some data
relating to the period from December 10, 2019, to January 1, 2020.”

“The online operation was suspended only for one day
(Thursday, January 2, 2020). However, the server is operating and we recovered
the lost data.”

>From what the company revealed, it looks like they had
all the data backed up and restored operations quickly. Ransomware attacks are
starting to evolve, and some hackers will now try to exfiltrate data, which
they use for leverage during ransom talks. Fortunately for the
Oman-based insurer,
that wasn’t the case.

One of Bitdefender’s
2020 Cybersecurity Predictions relates specifically to ransomware and
companies in the financial sector. Ransomware is likely to be deployed in a
more targeted fashion, with the help of social engineering, BEC (Business Email
Compromise) attacks, and phishing campaigns.