Dec 11, 2023 | Blogs, Resources

The Thinker’s Guide to Ransomware

By Craig McLellan, Founder and CEO, ThinkOn

Everywhere you turn these days, a new ransomware attack is making headlines. Today’s cybercrime is well-organized, fast-evolving, and sophisticated, with cumulative costs that far exceed any ransom demand. And no one is immune; when governments, public sector agencies, and businesses, large and small, are all being impacted, it can feel like you’re in a no-win situation—that it’s only a matter of time before you, too, find yourself in the news.  

But instead of throwing up your hands in defeat—or worse, pretending it can’t happen to you—what if you changed the narrative…flipped the script on cybercrime? Could accepting the inevitability of a cyberattack actually help you survive one?

To find the answer, our team of expert Thinkers recently took a deep dive into the world of ransomware and returned with a practical guide for today’s data-driven organizations. Ransomware & You: The Thinker’s guide to comprehensive ransomware protection explores the evolution of ransomware, reveals why today’s defense is only as good as yesterday’s threat, and provides strategies for systems defense and data recovery.

It’s a data world after all

Digitalization, once the goal of IT organizations around the world, is now here—powering retail, health care, supply chain logistics, government services, smart cities…and much more. According to IDC/Statista, the total amount of data created, captured, copied, and consumed globally is projected to grow to more than 180 zettabytes per year by 2025[i]. This digital transformation has impacted every aspect of global society in subtle and not-so-subtle ways, and we’ve come to both rely on and enjoy the conveniences that come with it. But the bigger our digital footprint becomes—especially with the exponential growth of the Internet of Things (IoT) to manage everything from remote sensing for cargo logistics to your smart home thermostat—the greater our risk exposure becomes.


Navigating the complex threat of cyberattack is like playing a game of whack-a-mole. You’ve no sooner plugged one hole in your defenses than a savvy hacker finds another. In the first quarter of 2023 alone, Check Point reported an average of 1,248 cyberattacks each week, impacting 1 in 31 organizations, worldwide[ii], while IDC/Statista estimates that 230,000 new malware forms are created every day[iii]. The hack itself has evolved from the early days of spray-and-pray phishing scams to sophisticated and precisely targeted attacks, with threat actors taking advantage of every new technological advance—like using AI and machine learning to improve password-cracking algorithms[iv].

And it’s not just the hacks that have become more well-organized—it’s the entire industry. Hacking has evolved to include business models as sophisticated as the malware codes they create. Cryptocurrencies and untraceable messaging systems have facilitated an order of magnitude leap forward for an industry where hackers now sell ransomware-as-a-service kits online for as little as 40 dollars each, turning cybercrime into a DIY project that just about anyone can take on. Whether the goal is to make some money, conduct state-sponsored intelligence gathering, or to create a tool for social activism, there’s a RaaS service out there that can do the job.

Hacking the system

As cybercrime becomes more sophisticated, organizations can no longer pretend it won’t happen to them. Nor can they take a “good-enough-is-good-enough” approach to system protection and data recovery. Companies generally don’t invest enough focus or money into the systems and technologies necessary to keep up with the volume of attacks—and that’s a problem.

Companies must take systems security seriously at all levels of the organization—including mandatory cyberthreat awareness training education for all stakeholders, the latest in multilayered cybersecurity technology, up-to-date systems maintenance (don’t delay—install that new update!), and due diligence checks for third-party service providers.

But that’s only half a solution.

A shift in mindset

While data protection is critical, even the best defense is no guarantee. So, here’s where that shift in mindset comes in. If we accept that ransomware is a fact of life in our digital-first world, we’re better positioned to plan for what happens if the defense fails. And for that, we turn to comprehensive backup and disaster recovery as a service. Together, BaaS and DRaaS can get your business up and running fast and with minimal data loss—no matter what kind of data disaster you’re facing.

Want to know more?

The best way to face the threat of ransomware is head on, so get the facts and make a plan. Visit to download your copy of Ransomware & You: The Thinker’s guide to comprehensive ransomware protection and discover how a holistic approach to cybercrime might be easier than you thought.

Make headlines for all the right reasons with ThinkOn—where data thrives.


[ii] Alessandro Mascellino. 2023. Infosecurity Magazine.  “Global Cyber Attacks Rise by 7% in Q1 2023.”


[iv] Rabiul Islam. 2023. Forbes. “AI And Cybercrime Unleash A New Era Of Menacing Threats.”

Connect on Social