As the use of technology in daily and business life increases, unfortunately, so do cyber-risks. When it comes to cyber-attacks, it isn’t a matter of whether it will happen to a business; instead, it is when it will happen. Cyber risks affect companies large and small and will keep increasing through 2022. This case study will explain how cyber insurance helped our client, a victim of cybercrime called Ransomware Attack.

Background of Client

 The client is an e-business that sells health products on its website. They have a large number of customers that enter their card details and personal information when ordering products. The business is responsible for the safety of their customer’s data and needs to protect their privacy.

As soon as a business has a website and works online, they are possible cybercrime targets. Especially companies that collect sensitive customers data on their database and sell products through their website. The business is vulnerable to various cyber risks, such as phishing, ransomware, cloud hacking and more. An attack could appear from anywhere; even if a business feels they are protected, they might not be. Even though they have the best cyber security measures, the biggest tech companies have been victims of cyber-attacks.

Start of The Cyber Attack-Ransomware

RansomwareThe ransomware attack, in this case, occurred through the new work from home protocol due to the pandemic. The business has around 50 employees who had to work from home to respect social distancing laws. As one employee used his personal device and unsecure WIFI, he clicked on a malicious link in an email.

The malware instantly downloaded onto the company server, encrypting all company data. Within a few minutes, all employees could not access the data on the company’s network.

A message popped on the server asking for a ransom price of HKD 500,000 worth in bitcoin within 48 hours to unlock the server. In many cases, if the business does not pay the ransom, the data will be deleted or published online. Employees could not access the website or any customers information. As a result, the business was at a standstill and had to act quickly to solve the solution to continue.

How Did Cyber Insurance Help recover from a Ransomware Attack?

The business had purchased cyber insurance through Red Asia insurance, which provided a full 365/24/7 call centre. The business informed the insurance company instantly. The insurance company passed the case to the IT forensic investigators to analyse the threat’s validity and conclude whether the company could avoid paying the ransom.

The insurance company updated the business not to pay the ransom, and the authorities were involved. Cyber insurance helped the business cover the costs of replacing lost or corrupted data. If paying the ransom was the last option, the insurance company would have also covered the ransom cost (within the insurance limit). Additionally, the insurance company provided the business with expert advice to lower the chances of any future incidents.

Cyber insurance covered the following costs to recover ransomware attack:

  • Forensic investigation costs (to locate malware, analyse the impact and ensure containment): HKD 280,000
  • IT consultant Fee (assess backup capabilities ): HKD 180,000
  • Data Asset Loss – costs associated with replacing lost or corrupted data: HKD270,000
  • Legal consultation fees(to draft legal letters to inform the third party)- HKD50,000
  • Cyber Security consultation fees (inform the company about cybercrimes and the best cyber protection methods): HKD 20,000

Total Costs: HKD 800,000

Therefore purchasing cyber insurance beforehand saved the company nearly a million dollars, restored their data and avoided a business shutdown. Cyber insurance may also provide PR support if the attack goes viral and gets media attention.


78.4 million ransomware attacks were recorded globally in 2021, and many more that small businesses may not report. Almost every company today faces cyber risks. Just using Emails, hackers can steal sensitive data and use it in malicious ways. In addition, cybercrimes may affect third parties and cause the business to be sued and damage brand image.

Cyber Insurance

No company is clear from cyber-attacks, big or small. However, many SMEs believe they are not likely to be targeted for cyber-attacks. Unfortunately, SMEs are more likely to face cyber-attacks like ransomware, as they are less challenging to hack. This is due to SMEs not spending enough on cyber security.

Additionally, how great cyber security is, hackers will always find ways to infiltrate it and get what they want. This is why every company should be prepared with cyber insurance.

To Learn More about cyber insurance and protect your company from cyber threats, contact Red Asia Insurance.