Skip to content


Understanding the Impacts of a Ransomware Attack

Ransomware attacks continue to plague businesses of all sizes, with 82% of attacks hitting small and medium-sized businesses (SMBs)1. And with the rise of “ransomware-as-a-service,” in which cybercriminals sell ready-made ransomware tools for use by other attackers, it has become more urgent than ever for businesses to protect themselves against this insidious form of cyberattack. To do so, you need to grasp the realities of ransomware attacks:

Stage 1: Employee Unwittingly Grants Access to Network

In most cases, ransomware attacks begin with phishing emails or other types of social engineering attacks, where threat actors try to trick employees into sharing credentials or downloading malicious software by clicking on links or attachments in emails. In some cases, malware is downloaded when an employee visits a malicious website, also known as “drive-by downloading.” Most employees have no idea that they’ve opened the door to a ransomware attack at this stage.

Stage 2: Threat Actors Go After the Data

In the next stage, threat actors put their malicious program to work, encrypting the victim’s data. This renders the company’s data unusable, which forces the company to suspend most if not all business activity. Even worse, ransomware attackers are now more likely to locate and encrypt the victim’s backups as well. With control over the victim’s data, the attackers now have the leverage they need to execute their extortion scheme.

Stage 3: Victim Receives Ransom Note

In the third stage of the attack, a ransom note appears on the victim’s screen. The note threatens the company that if they do not pay a certain sum, usually in cryptocurrency, then their data will be encrypted indefinitely and possibly even destroyed or shared with the public. In this way, ransomware attackers create urgency and fear in their victims, which often compels them to pay up in order to receive the decryption key. And while 66% of companies believe that they would never pay the ransom, in truth, about 65% do pay when faced with the realities of unusable data and an immobilized business2.

The Aftermath: How a Ransomware Attack Impacts a Business

As the above suggests, ransomware attacks are major crisis events that can bring a company to its knees. The impacts are various and can include:

  • Downtime, which costs the majority of SMBs between $10,000 and $50,000 per hour3.
  • Ransom payment, with median payment of $36,360 and average payment of $228,125 (note that law enforcement agencies strongly discourage paying the ransom)4.
  • Permanent data loss whether the ransom is paid or not, as many ransomware attackers do not make good on their promise of sharing a usable decryption key in exchange for the ransom.
  • Loss of intellectual property, possibly leading to loss of control over patented information and trade secrets.
  • Post-attack remediation costs, including costs to replace or recreate lost or damaged files and restore damaged systems, the total cost of which averages $139,000 for SMBs5.
  • Reputation damage among partners, vendors, and the public, often leading to lost business from current and prospective customers.
  • Lawsuits, often resulting from threat actors releasing sensitive or proprietary information accessed during the attack, which 86% of attackers threaten6.

Protecting your business from ransomware attacks requires proactive measures to reduce the likelihood of attack, combined with strategies to limit the damage threat actors can do should they gain access to your company’s network.

Contact NexusTek to learn about multi-layered cybersecurity solutions that hit all the angles.


1 .Drapkin, A. (2022, February 7). 82% of ransomware attacks target small businesses, report reveals.

2. Fruhlinger, J. (2020, June 19). Ransomware explained: How it works and how to remove it. CSO.

3. Infrascale. (2020, May 13). Infrascale survey highlights the heavy costs of business downtime.

4. Coveware. (2022, July 28). Fewer ransomware victims pay, as median ransom fall in Q2 2022.

5. Help Net Security. (2022, September 15). SMBs are hardest-hit by ransomware.

6. Coveware. (2022, July 28). Fewer ransomware victims pay, as median ransom fall in Q2 2022.