The Evolving Threat of Ransomware

The Evolving Threat of Ransomware

Ransomware accounted for nearly 80% of cyberattacks from 2020 to 2021.1
The meteoric rise of ransomware has garnered substantial attention over the past decade and for good reason: the malicious software attacks can cripple their intended targets.
Recent data sheds light on the evolving ransomware threat, as enterprise ransomware attacks increased by 78% throughout the course of 2021 and accounted for 81 percent of total cyberattacks from 2020 to 2021.2,3
With danger on the doorstep for millions of businesses both large and small, precautions and counter measures must be put into place to protect critical infrastructure and data.

What Is Ransomware?

Ransomware is a malicious software created to deny access to a computer system until a ransom is paid. Ransomware can be spread in a variety of ways: phishing emails, remote desktop applications and system vulnerabilities. When an unsuspecting victim opens an email or inadvertently falls into an online trap containing ransomware, the virus is silently installed on the victim’s computer. In fact, ransom demand amounts rose 144% from 2020 to 2021, according to Unit 42 by Palo Alto Networks. 4
Ransomware manifests in different ways. Lock screen ransomware displays a window that prevents access to any part of the computer until a ransom is paid. Conversely, file-encrypting ransomware keeps the computer available but scrambles certain files and databases, then displays a pop-up screen with instructions on how to buy a private decryption key that will unlock the scrambled files.

Business Impact

Businesses remain a growing target due to the susceptibility of employees – in fact,
businesses remain a growing target due to the susceptibility of employees – in fact, studies suggest end users will fall for phishing emails over 37 percent of the time.5 To make matters worse, phishing attacks reached an all-time high in Q1 2022, increasing by 54%.6,7
In a 2022 survey, business leaders indicated that Cyber is the number one risk that their business faces, with 40% of all respondents listing cyberattacks as a serious risk.
Reports indicate that over 60 percent of businesses effected by ransomware ultimately paid the hackers in 2021, with ransom payments costing organizations an average of over $900,000 in 2022. 8,9 The average total cost for a business to recover from a ransomware attack in 2021 was close to $2 million, and businesses additionally experienced an average of approximately 24 days of business downtime due to ransomware attacks in 2022.10,11

Protection From an Attack

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recommends the following steps to protect yourself or business from a ransomware attack:
  • Update software and operating systems with the latest patches. Outdated applications and operating systems are the target of most attacks.
  • Never click on links or open attachments in unsolicited emails.
  • Backup data on a regular basis. Keep it on a separate device and store it offline.
  • Restrict users’ permissions to install and run software applications and apply the principle of “least privilege” to all systems and services. Restricting these privileges may prevent malware from running or limit its capability to spread through a network.
  • Enable strong spam filters to prevent phishing emails from reaching the end users and authenticate inbound email to prevent email spoofing.
  • Scan all incoming and outgoing emails to detect threats and filter executable files from reaching end users.
  • Configure firewalls to block access to known malicious IP addresses.12
  • Audit your network for systems using Remote Desktop Protocol (RDP) for remote communication and disable the service if unneeded.13
  • Be sure to enable strong passwords along with multi-factor authentication for any RDP-enabled systems.13
Businesses may also want to look at their insurance needs to make sure they’re covered against ransomware and other types of cyberattacks. For example, The Hartford offers products and services that businesses can access for cybersecurity services, employee training and education to reduce cyber risks.

Specialized Cyber Insurance Protection

For more information about help to prepare for, respond to or recover from a cyberattack, visit our CyberChoice First Response página.
1 Sophos, "Interrelated threats target an interdependent world"
2 Forbes, “Ransomware Attacks Hit Two Out of Three Organizations in 2021: Here’s What You Need To Know”
3 Sophos, "Interrelated Threats Target an Interdependent World"
4 Palo Alto Networks, "Ransomware Payments Hit New Records in 2021 as Dark Web Leaks Climbed, According to New Report from Palo Alto Networks Unit 42"
5 KnowBe4, "New KnowBe4 Benchmarking Report Finds 37.9% of Untrained End Users Will Fail a Phishing Test"
6 KnowBe4, "Phishing Attacks Reach an All-Time High, More Than Tripling Attacks in Early 2022"
7  KnowBe4, "Phishing Attacks Increase by 54% as Initial Attack Vector for Access and Extortion Attacks"
8 TechRepublic, "Nearly two-thirds of ransomware victims paid ransoms last year"
9 Palo Alto Networks, "Average Ransom Payment Up 71% This Year, Approaches $1 Million"
10 ITPro, "Average ransomware costs have more than doubled in 2021"
11 Coveware, "Fewer Ransomware Victims Pay, as Median Ransom Falls in Q2 2022"
12, "Ransomware"
13 Federal Bureau Of Investigation, "Cyber Actors Increasingly Exploit The Remote Desktop Protocol to Conduct Malicious Activity"
La información proporcionada en estos materiales brinda información general y de asesoría. It shall not be considered legal advice. The Hartford does not warrant that the implementation of any view or recommendation contained herein will: (i) result in the elimination of any unsafe conditions at your business locations or with respect to your business operations; or (ii) be an appropriate legal or business practice. The Hartford assumes no responsibility for the control or correction of hazards or legal compliance with respect to your business practices, and the views and recommendations contained herein shall not constitute our undertaking, on your behalf or for the benefit of others, to determine or warrant that your business premises, locations or operations are safe or healthful, or are in compliance with any law, rule or regulation. Readers seeking to resolve specific safety, legal or business issues or concerns related to the information provided in these materials should consult their safety consultant, attorney or business advisors. All information and representations contained herein are as of December 2022.
Links from this site to an external site, unaffiliated with The Hartford, may be provided for users' convenience only. The Hartford no controla o revisa estos sitios. La provisiòn de cualquiera de estos enlaces no implica la aprobación o asociación de The Hartford con dichos sitios. The Hartford no es responsable y no ejerce ningún tipo de representación o garantía relacionadas con los contenidos, integridad, precisión o seguridad de cualquier material publicado en dichos sitios. Si usted decide ingresar a sitios que no pertenezcan a The Hartford, lo hace bajo su propia responsabilidad.
The Hartford Financial Services Group, Inc., (NYSE: HIG) operates through its subsidiaries, including the underwriting company Hartford Fire insurance Company, under the brand name, The Hartford,® and is headquartered in Hartford, CT. For additional details, please read The Hartford’s legal notice at
The Hartford Staff
The Hartford Staff
Our editorial team spans writers, researchers, product specialists and subject matter experts. We cover the intersection where best practices and business insights meet.