Ransomware attacks are being linked to a litany of psychological and physical illnesses reported by infosec professionals, and in some cases blamed for hospitalizations.
A cybersecurity worker in the financial services industry, for example, pinned the stress of remediating ransomware on their heart attack, which ultimately required surgery to sort out.
Another, working for a charity, was hospitalized after their self-care went downhill following a ransomware attack.
These are just two of the plethora of stories revealed as part of a research piece from the Royal United Services Institute published this week [PDF], examining the untold harms caused by ransomware attacks on organizations and their staff.
It's well known that cybersecurity pros face a challenging work environment with poor staffing levels and excessive workloads.
The industry is as renowned for causing high stress levels as it is for high salaries, and episodes of burnout are so common that infoseccers say the mental and physical toll of dealing with ransomware attacks isn't sufficiently recognized or appreciated.
One RUSI interview with a security specialist working for a consultancy revealed that a ransomware attack was so mentally damaging, due to their personal identity being so closely tied to their professional success, that the incident drove them to the brink of suicide.
A feeling of personal blame was felt in many other cases too, leading defenders to various states of mental ruin.
Some drove themselves to exhaustion, working overly intensely to deal with ransomware for which they felt responsible.
Some were left doubting their abilities, contemplating the decisions made that may have led to the attack - such as implementing sub-optimal controls or checks for vulnerabilities - and the decisions made immediately after the incident, fearing anything they did may worsen the situation.
The lingering threat of regulatory action is also a source of long-term mental strain for defenders, the interviews showed.
Data regulators' power to fine organizations for incidents that defenders blamed themselves for was linked to a worsening mental state.
Reported social harms were plentiful too, with incidents said to have strained relationships both with colleagues and families.
Protracted periods of working, including at weekends, so the attack could be remediated as quickly as possible, led to less time spent with loved ones and childcare issues.
Relationships with co-workers can also take a hit in some cases, and in various ways.
The financial harms associated with ransomware attacks are almost exclusively focused on the victim organization, the recipient of the ever-lofty ransom demands.
Workers' wallets also take a hit in cases where members of the IT team or board of directors are fired for their role in the incident, for example.
Many interviewees said they were able to meet payroll requirements but this was often just because the attack occurred shortly after payday, as was the case with the MSP who tipped us off to the attack at direct debit handler London & Zurich.
In one case, a security pro also had to pay for their own therapy sessions to recover from an attack.
The conclusions drawn from RUSI's interviews come amid a backdrop of increasing ransomware attacks, an increase which Microsoft's recent data suggests to be in the realm of more than 200 percent.
This Cyber News was published on go.theregister.com. Publication date: Thu, 18 Jan 2024 17:13:04 +0000