The Human Impact of Ransomware

In April of 2025 Co-op was hit by a devastating cyber attack. Thanks to quick reactions from the IT team, who acted decisively to take the entire company's IT systems offline, they avoided a punishing ransomware attack. Nevertheless, customer data was compromised. The criminals stole personal information of all 6.5M Co-op customers.

In an interview with the BBC, Co-op CEO Shirine Khoury-Haq apologised for the data loss. During the interview, she had a chilling recollection of the early hours of the attack. She said:

"Early on I met with our IT staff and they were in the midst of it. I will never forget the looks on their faces, trying to fight off these criminals."

When we think about cyber attacks, we often frame the conversation in terms of business impact - financial loss, reputational damage, disruption. Rarely do we frame cyber threats in terms of the emotional impact - but this line shows that cyber attacks like Ransomware are not victimless crimes. They have a profound impact on the people affected by them.

In this article, we discuss the emotional and mental impact of one of the most devastating forms of cybercrime - Ransomware. We'll discuss how it impacts businesses and the people who work there, and why it truly does pay to invest in cyber defences.

 

What Is Ransomware?

Ransomware is a form of malware designed to encrypt files or lock users out of systems until a ransom is paid—usually in cryptocurrency. The entry points vary: phishing emails, remote desktop protocol (RDP) vulnerabilities, compromised credentials, or infected third-party software. Once in, attackers move fast, encrypting and even stealing data, disabling backups, and dropping ransom notes. Often, they’ll also threaten public exposure of sensitive data.

What’s different today is the target profile: Medium-sized firms—especially those with £20-50M in revenue—are now prime targets. Why?

  • They have enough cash to make payment worthwhile

  • But have comparatively lower investment in cyber than large/enterprise businesses

  • They frequently rely on lean internal IT teams

  • They sit within high-trust supply chains (manufacturing, legal, healthcare, logistics)

Yet while many firms prepare technically—installing endpoint protection, securing backups, or outsourcing to MSPs—they remain unprepared for the emotional and psychological crisis that follows an attack.

The emotional impact of ransomware can include anxiety, anger, and guilt

Executive Anxiety and Crisis Paralysis

In a ransomware attack, time is the enemy. Decisions must be made in minutes, often without full visibility:

  • Do we pay the ransom?

  • What data has been leaked?

  • Are customers or regulators already aware?

  • How do we notify staff, the board, and the media?

  • Will this destroy trust in our brand?

For C-suite leaders, especially CEOs, CIOs, and COOs, this pressure is profound. There’s reputational risk, legal liability (especially under GDPR), and the career-defining weight of leadership in crisis. One wrong move—delay, disclosure, negotiation—can snowball.

This can lead to analysis paralysis. Without clear plans or rehearsed scenarios, executives often freeze or default to reactive posturing. Without strong leadership and a clear plan, delayed action can rapidly and exponentially magnify the impact.

The emotional strain can’t be overstated. Anxiety, self-doubt, burnout, and post-incident fallout—this is the human cost of ransomware that few prepare for.

IT Teams on the Edge

Ransomware is emotionally brutal on IT and cybersecurity teams. In many midmarket organisations, these teams are small, under-resourced, and stretched thin even during normal operations.

Once ransomware hits, they’re suddenly:

  • Working 18+ hour days

  • Dealing with executives, legal counsel, and insurers

  • Handling external forensic investigators

  • Wrestling with guilt over perceived “failures”

  • Fighting to keep their company, and therefore their job, alive

The culture of blame can quickly take hold—especially if no pre-incident tabletop exercises have prepared the business. Key staff may burn out, resign, or suffer lasting mental health impacts.

Employee Morale and Trust Breakdown

In most ransomware events, internal communications collapse. Staff can't access email, files, payroll systems, or even HR contact details. They’re left confused, frustrated, and in the dark. The longer the outage, the more severe the fallout.

Common reactions include:

  • Fear: “Is my personal data safe?”

  • Anger: “Why weren’t we better protected?”

  • Distrust: “Are leaders telling us the full truth?”

  • Anxiety: “Will this affect my job or our clients?”

Worse still, vague or overly legalistic communications can heighten panic. For midmarket businesses—where close-knit cultures are the norm—this emotional breach can damage morale, productivity, and trust well after systems are restored.

Ransomware’s Reputational Blow

Externally, ransomware is a brand destroyer. A single attack can lead to:

  • Lost contracts

  • Breach of trust with partners

  • Media scrutiny

  • Regulatory investigation

  • Long-term customer churn

The emotional resonance of being seen as “unsafe” or “untrustworthy” is hard to reverse—especially if sensitive data (client details, IP, payroll) ends up on the dark web.

A recent, highly publicised article highlighted the story of a 160-year-old haulage firm that was put out of business when a ransomware attack encrypted critical financial data, halting operations. As a result of the attack, all 730 employees lost their jobs overnight.

Speaking about the attack, Paul Abbott, a member of the board at the haulage firm said: 

"We felt we were in a very good place in terms of our security, our protocols, the measures we'd gone to to protect the business."

Mr Abbott had a stark warning for other bosses to check their IT systems: "There are hundreds of businesses being compromised. The issue is the reputational damage. Whatever you think you've done, seriously get it checked by experts. People don't think it's going to happen to them."

Investing in cyber defences is sensible. Look for: Threat Detection, MDR, Firewalls, Employee Training, Mail Protection, and Backup

Recovery Isn’t Just Technical—it’s Cultural

The standard recovery playbook—restore backups, secure entry points, engage insurers—is only half the equation. True resilience requires cultural investment.

This includes:

  • Crisis rehearsals with execs and IT leads

  • Clear ransomware communication protocols for employees, clients, and press

  • Psychological safety: Make it okay to report issues early, without blame

  • Post-incident support: Debriefs, counselling, and HR-led recovery sessions

The best solution is to invest in your defences

Many companies are still far too exposed to cyber threats. Most still mistakenly believe that installing Endpoint Detection and Response (EDR) on their computers will be enough to protect them.

The truth is, effective cyber defences require a holistic approach. A great starting point is the Cyber Essentials accreditation, which really should be the baseline for all businesses trading in the UK.


A typical holistic cyber approach for mid-sized companies taking cyber seriously includes:

  • Managed Detection & Response (MDR)
  • Employee Cyber Training (Human Risk Management)
  • Business Email Compromise (BEC) Protection and anti-phishing
  • Firewall and Network Security
  • SIEM
  • Backup & DR (regularly tested)

Don't take the risk

As a business leader in a midmarket company, you should consider cyber risk not just in terms of operational impact, but also in terms of the emotional or mental impact, faced not just by your employees but by you.

As individuals, we all want to take measures to improve our own personal security: think locks, CCTV, insurance. But we often have a blind spot when it comes to the risks to our businesses. Yet the risks are very real. For Mr Abbott, mentioned earlier, one cyber attack eradicated the business he dedicated 16 years of his life to, and eradicated the jobs of his 730 staff.

Cyber criminals are highly organised and highly motivated, and any cyber expert will tell you that no business is safe. A Ransomware attack can happen without warning. If your defences are weak, the impact will be greater.

Our advice is to never take a chance with your cyber security. Take steps to protect yourself, starting with a full audit of your IT systems using the Cyber Essentials framework - enlist the help of an MSP to guide you through this process.

Read More: entrustIT recommends a number of cyber defence measures
