Ransomware can be a living nightmare.

It has the potential to not only shut down network access, but also to bring internal operations to a standstill and to cripple supply chains, affecting the availability of goods and services.

Moreover, it can result in reputational damage, legal consequences and can even push a business towards insolvency.

However, ransomware’s potential impact goes beyond the operational and financial — it can take a significant toll on the emotional well-being of business owners and cyber security staff.

Ransomware research reveals…

According to new research that explores the harmful effects of the cyber criminal ecosystem beyond financial repercussions, in rare instances, ransomware attacks on small businesses can leave owners and employees feeling suicidal.

Partly funded by the U.K’s National Cyber Security Center (NCSC), the study found a cyber security specialist for whom a ransomware attack was so mentally damaging that the incident nearly resulted in their stepping off of a ledge.

The researchers also discovered a law enforcement officer personally familiar with the case of an IT staffer who ended his life after a ransomware attack.

Ransomware and PTSD

Some cyber defenders have described dramatic states of mental distress, with some reportedly experiencing Post Traumatic Stress Disorder (PTSD).

Research indicates that 1 out of every 7 employees experiences trauma symptoms months after a cyber attack.

After recognizing the pressure that the IT team was under, one organization brought in professional PTSD support staff.

Ransomware’s mental health impact

“…psychological harm can reach far beyond the immediate response to a specific incident, affecting an individual’s wider professional life and impacting their personal life,” wrote the study’s authors.

For incident responders, the gravitas of potential litigation, the protracted periods of working to remediate systems, the loss of time with loved ones, the frustrations that stem from the inability to support a partner and child/ren with childcare and other variables, can all contribute to the substantial mental health toll exacted by ransomware.

Ransomware rates escalating

Against a backdrop of increasing ransomware attacks — a rate increase estimated in the ballpark of more than 200%, says Microsoft — the mental health impact associated with ransomware can no longer remain in the shadows.

According to an IBM study, 81% percent of cyber security incident responders stated that the increase in ransomware attacks has “exacerbated the psychological demands associated with cybersecurity incidents.” In other words, ransomware can lead to challenging psychological circumstances.

Bringing greater perspective to the issue, “When you’re potentially what stands in the way of a malicious actor and someone being able to heat their home, get to work, or stock grocery shelves, the pressure adds up quickly,” says Laurence Dine, global lead of incident response at IBM Security X-Force.

Addressing mental health concerns

Addressing mental health concerns in cyber security requires a multi-pronged approach.

Organizations may want to hire additional cyber security staff to decrease workloads for teams, while simultaneously adopting technologies that prevent sophisticated ransomware attacks and that can recover encrypted data.

Check Point offers a wide range of security solutions designed to stop ransomware attacks across endpoint, mobile, email & collaboration applications, internet access and network environments. Get complete ransomware protection for your organization. Explore the resources below.

                                                                             Related resources

  • Discover a comprehensive anti-ransomware checklist – Read article
  • Explore anti-ransomware technologies in-depth – Watch video
  • Ransomware prevention starts with phishing prevention – Email security
  • Complete ransomware protection products for organizations – More here