Skip to main content

Everything You Need to Know About Ransomware Attacks

person typing on computer

Ransomware attacks are on the rise.

As our world becomes more digital, ransomware attacks have been on the rise, particularly in recent years. When many businesses transitioned to remote work in response to the COVID-19 pandemic, ransomware attacks increased 148% in March 2020 over baseline levels from February 2020! Throughout 2020, online criminals took advantage of the pandemic to attack remote workforces and corporate systems.

Ransomware attacks have continued to rise since 2020, though. In 2021, the number of reported ransomware attacks rose by 92.7% from 2020. Cyber criminals primarily targeted North America and Europe, according to Security Magazine.

Around the globe, ransomware is costly. InfoSecurity states that, this year, “ransomware damages are expected to exceed $30 billion worldwide.

And for small businesses, the risk may be even greater. According to Datto, in 2018, on average, small businesses reported 5+ attacks against clients per year. Experts agree that the risk of small businesses suffering an attack will only increase in the near future as these targets adopt security solutions more slowly than large enterprises.

Here’s what you need to know to protect yourself and your business:

What is ransomware? Why should I be concerned?


“Ransomware is a type of malicious software designed to block access to a computer system or computer files until a sum of money is paid,” according to Cybereason. “Most ransomware variants encrypt the files on the affected computer, making them inaccessible, and demand a ransom payment to restore access.”


Users are told that unless a ransom is paid, access will not be restored. The ransom demanded from individuals varies greatly and must be paid in virtual currency, such as Bitcoin.

Recovery can be a difficult process that may require the services of a reputable data recovery specialist, and some victims pay to recover their files. However, there is no guarantee that individuals will actually recover their files even if they pay the ransom. In addition, decrypting files does not mean the malware infection itself has been removed.

How is ransomware “delivered”?

  • Email that appears to be legitimate and which contains links or downloadable attachments is often the way the ransomware is delivered.
  • There are also such things as malicious websites or “drive-by” download attacks where malicious code is unintentionally downloaded. This can take advantage of an app, operating system or web browser that has security flaws due to unsuccessful updates or lack of updates. The user doesn’t have to actively do anything for the attack to happen.

What does ransomware affect?

  • If you find that your personal or business computers are affected with ransomware, it’s wise to assume that any sensitive data was compromised. This includes usernames, passwords, banking and credit card information, client lists and email contacts, and so on.

How can I protect myself?

The Cybersecurity and Infrastructure Security Agency (CISA) recommends the following precautions to protect users against the threat of ransomware:

  • “Update software and operating systems with the latest patches. Outdated applications and operating systems are the target of most attacks.”

  • “Never click on links or open attachments in unsolicited emails.”

  • “Backup data on a regular basis. Keep it on a separate device and store it offline.”

  • “Follow safe practices when browsing the Internet.”

In addition, CISA recommends that organizations:

  • “Restrict users’ permissions to install and run software applications, and apply the principle of “least privilege” to all systems and services. Restricting these privileges may prevent malware from running or limit its capability to spread through a network.”

  • “Use application whitelisting to allow only approved programs to run on a network.”

  • “Enable strong spam filters to prevent phishing emails from reaching the end users and authenticate inbound email to prevent email spoofing.”

  • “Scan all incoming and outgoing emails to detect threats and filter executable files from reaching end users.”

  • “Configure firewalls to block access to known malicious IP addresses.”


Merchants has you covered!

We have a dedicated risk management site available to all policyholders with information on many cyber liability issues. Our cyber liability coverage provides comprehensive data security and privacy coverage that address both first-party losses, including Cyber Extortion and Ransomware, and third party liability claims, to commercial business owners. With this coverage, you’ll receive expert claims handling and breach response services in the event of a suspected breach, and access to our risk management website.

Talk with an independent insurance agent for more information! 


This article was adapted from an earlier version, which was originally published on May 28, 2020. It was last updated on October 20, 2023.

Blog Categories
Cyber LiabilityAll

Blog Tags
computercyber fraudcyber protectioncyber securityfraudrandsomwareall
Merchants Insurance Group

Merchants Insurance Group

Merchants Insurance Group sells its products through a network of more than 1,000 independent insurance agents in Massachusetts, Michigan, New Hampshire, New Jersey, New York, Ohio, Pennsylvania, and Vermont. We sell our products through independent insurance agents because we believe they provide value to policyholders through their broad range of products and their insurance expertise.