Case study November 6, 2018

Cyber claims case study: Malware mayhem

A technology software provider that fell victim to a targeted cyber extortion attack, in which their data and applications were encrypted and held to ransom for 75 bitcoins (nearly $600k).


To make matters worse, after a reduced ransom fee was paid and the insured’s data and applications were decrypted, a sophisticated strain of malware was discovered on their system, resulting in further system damage and business interruption costs.

Find out how their CFC policy helped limit the damage that was done and cover the associated costs.

The key takeaway points are:

  • Targeted cyber extortion attacks are increasing in terms of both frequency and severity. In the past, it may have been feasible for a company to pay off a $300 ransomware attack without necessarily requiring a cyber insurance policy. But with attacks like this on the rise, the likelihood of being extorted for large sums of money is only increasing and having a cyber insurance policy in place to deal with these kinds of incidents is essential.
  • Working with an experienced cyber insurer with a dedicated incident response team and partner network is key. The use of the specialist partners in this case enabled the insured to negotiate the ransom amount down significantly, arrange payment and decrypt and clean the data and applications before transferring it to a new environment. 
  • Businesses are becoming increasingly dependent on their digital assets, and one incident at just one part of the technology supply chain can have a domino-like effect.