Bricking

Bricking is when a computer or other device is accidentally or intentionally rendered inoperable, which can cause small businesses significant financial losses.

What is bricking?

Bricking is when a computer, server, or other device is made inoperative, making it “as useful as a brick.” It’s a cybersecurity incident that can be caused by firmware corruption, malicious attacks, or failed system updates.

Unlike a typical system glitch, a bricked device can’t just be rebooted. Depending on the severity of the incident, you may need to reinstall the device’s firmware—or completely replace it.

What “bricking” means in cybersecurity

Bricking a business computer or device means rendering it lifeless, like a paperweight. It's not a minor malfunction, it's a complete device shutdown caused by human error, technical failure, or malicious attack.

Intentional bricking

Deliberate bricking is a cyberattack that renders your hardware inoperable. Intentional bricking can look like:

Malware and viruses
Ransomware attacks
Permanent denial-of-service (PDoS)

Accidental bricking

Unintended bricking is typically caused by a human error or technical failure, such as:

Botched firmware updates
Misconfigured patches
Incompatible software

Get the right cyber insurance to protect your livelihood

Small business owner looking for insurance quotes on their tablet.

How bricking happens

There are many ways bricking can happen—maliciously and accidentally. Here are some of the most common causes:

Cyberattacks and firmware corruption

As a type of intentional bricking attack, cybercriminals can use social engineering attacks, malicious downloads, and bots to access devices, corrupt firmware, and destroy operating systems.

Here are a few ways this can play out for small businesses:

IoT mass bricking is a type of automated attack where internet-connected devices, like cameras or routers, are corrupted and rendered useless.

Should a construction company’s digital security system suffer an automated attack, all of its jobsite surveillance cameras could get bricked overnight, leaving expensive equipment and materials unmonitored.

Infrastructure sabotage is a targeted cyberattack on industrial or operational systems that destroys hardware and causes critical damage to equipment.

If a cybercriminal finds an unpatched vulnerability on a manufacturing business insurance parts manufacturer’s digital production system, they could overwrite firmware and brick the entire production line, instantly halting all operations.

Ransomware and destructive attacks

Ransomware can encrypt your data and bar access to important systems. Sometimes, hackers will brick systems to escalate cyber extortion threats when a ransom wasn’t paid.

For example, cybercriminals may threaten to permanently disable a web hosting firm’s server if they don’t pay a ransom. Bricking their servers would cost the company’s clients a catastrophic amount of money and incite a lawsuit against the small firm.

Failed or corrupted software updates

Bricking can also be caused by accidents that lead to permanent damage, such as installing the wrong firmware on a device, or having a critical software update interrupted by a power outage or user error.

For example, a retail store could have a power outage during a software update, corrupting its point-of-sale (POS) system and rendering it inoperable.

Jailbreaking or modding a device—such as removing iOS restrictions on an iPhone—can also brick a device if the process goes wrong.

What devices can be bricked?

Almost any electronic device with firmware can be bricked, including:

Routers and modems
Laptops and desktops
Servers and point-of-sale (POS) systems
Smartphones and tablets, including Apple devices and Android devices like the Samsung Galaxy
IoT devices, like cameras, sensors, and smart TVs

It’s important to understand where your vulnerabilities lie, as just one bricked device can be enough to disrupt operations—and revenue—for a small business.

Can a bricked device be fixed?

Bricked devices can sometimes be fixed, depending on the type and severity of the incident.

There are two types of bricking:

Soft brick: The device won’t boot normally but may be recoverable, or unbricked, through recovery mode, reflashing firmware, or factory reset.
Hard brick: The device is permanently unresponsive, and there is no way to revive it.

When bricking is intentional, attackers typically aim to hard brick to ensure a device can’t be restored.

Why is bricking a serious risk for small businesses?

Most small businesses have limited IT resources and inadequate (or nonexistent) cybersecurity protocols, making them prime targets for cyberattacks. In fact, it has been reported that 43% of cyberattacks target small businesses.

If your business suffers from a cyber event that permanently disables hardware, the financial consequences can be catastrophic. A ransomware attack now costs small firms roughly 53,000 an hour in downtime, and 75% of SMBs don’t have the funds to survive one.

These costs add up quickly, including:

Business interruption expenses, including lost revenue and employee wages
Hardware replacement costs
Customer notification costs for data breaches
Lost customer trust

For example, say a healthcare facility’s computers, check-in tablets, and servers are bricked in a malicious cyberattack. Without access to patient records or the ability to process insurance, the clinic must close until replacement hardware can be implemented.

Bricking vs. other cyber incidents

There are many types of cyberattacks, but the most common include:

Data breaches occur when an unauthorized party accesses sensitive information, such as financial records, passwords, or clients’ personal information.
Ransomware is a type of malicious software that encrypts your files and locks you out of your systems until you pay a ransom.
Malware infections use software to infiltrate systems to cause damage, disrupt operations, steal data, or erase files.

While most of these cyberattacks are recoverable with the right tools, bricking isn’t. It turns your hardware into useless objects, adding replacement costs and operational downtime on top of data loss.

Does cyber insurance cover bricking?

Cyber insurance offers crucial protection for businesses against data breaches and cyberattacks. It helps pay for:

Data breach response costs
Ransomware payments
Legal defense costs, settlements, and judgments

Some cyber policies include limited bricking protection, but most insurance providers require you to purchase bricking coverage as an endorsement.

These add-ons can fill coverage gaps between cyber and commercial property insurance policies, so you’re not stuck with significant losses after a bricking incident, which can include:

Hardware replacement costs
Installation and setup labor expenses
Business interruption losses
Damaged equipment disposal costs

How to reduce the risk of bricking

Although cyber insurance is an essential part of your company's risk management strategy, there are proactive measures you can take to enhance your cybersecurity and reduce the chances of a bricking incident.

Secure firmware and updates

Outdated firmware is one of the easiest entry points for cybercriminals. Protect your devices by:

Applying patches regularly and enabling automatic updates when possible.
Only allow updates from the manufacturer’s official website or your IT vendor.

Limit administrative access

Restricting who can make updates to your critical systems is an easy way to reduce exposure.

For example, baseboard management controllers (BMCs) allow administrators to remotely manage servers even when they’re powered off. A compromised BMC can make it easy for an attacker to brick hardware without physical access.

Protect yourself by:

Limiting access to firmware and BMCs based on role
Requiring strong, unique passwords for all company logins
Enabling multi-factor authentication (MFA) that requires users to provide additional identification to sign in

Use network security tools

A layered cybersecurity protocol makes it substantially harder for hackers to access your devices, which can include:

A firewall to block unauthorized traffic to your systems
Install anti-virus and anti-malware protection on every company device
Endpoint detection and response software to monitor your network data and notify you of threats

Backup and redundancy planning

Backups won't reverse a bricked device, but they can help prevent a hardware shutdown from becoming a major company crisis. Make sure to:

Keep multiple copies of your data off-site
Regularly test all backups
Document your incident response plan and provide it to all employees

If you are still unsure about the best way to protect your business against cyber risks, you can speak with your insurance agent. They can help determine where your business is most vulnerable and identify other options that you can pursue to reduce the risk of future cyber incidents.

Finding the right coverage for your business is easy with Insureon

Get free quotes for affordable bricking insurance from top-rated providers by filling out our easy online application. You can speak with a licensed insurance agent if you have questions about specialized coverage like cyber insurance and bricking protection.

Once you find the right policies for your small business, you can begin coverage in less than 24 hours and get a certificate of insurance (COI) for your small business.

Updated: June 2, 2026

Find insurance quotes for your business

Save money by comparing insurance quotes from multiple carriers.

EXPLORE ON INSUREON

How to start a cybersecurity company How much does business insurance for cybersecurity companies cost?Cyber insurance requirements What to do after a data breach Cyber insurance audit E-commerce cybersecurity: Protect your online store

SHARE THIS ARTICLE