Research from Kaspersky Lab shows that the debate over whether ransomware victims should ‘pay up’ could be redundant because large numbers of victims don’t actually get their files back even if they have paid the cybercriminals. The study found that over a third of victims (36 per cent) choose to pay a ransom to release their files after a ransomware attack, but one in five users still don’t get their files back. As a result, Kaspersky Lab is urging users not to give in to ransomware criminal demands, but to report crimes to the authorities instead.
The findings, which are part of the Kaspersky Consumer Security Risks Survey 2016, show the scale of the ransomware threat and the severe consequences for people’s data. Almost one in five consumers (17 per cent) has been affected by ransomware, with six per cent actually having their files held at ransom by cybercriminals as a result.
Ransomware cyber-attack victims are often faced with the difficult decision of whether to pay the financial ‘ransom’ demand – fueling the criminals’ business – or not. However, the new research shows that paying the ransom is not even a guarantee that access to data will be restored. When infected with ransomware, nearly half (47 per cent) have almost all of their files encrypted and a quarter (26 per cent) have a significant number of files encrypted. Moreover, 17 per cent have lost all of their data as result of infection, and only 28 per cent could restore all their files. Despite this, almost a quarter (24 per cent) of Internet users are still not fully aware of the threat of ransomware.
Andrei Mochola, Head of Consumer Business at Kaspersky Lab, commented: “We urge all ransomware victims, whether they are large organisations or single individuals, not to pay the ransom demanded by criminals. If you do, you will be supporting the cybercriminals’ businesses. And, as our study shows, there is no guarantee that paying the ransom will actually give you access to your encrypted data. The best way to protect yourself and your files from ransomware is with an effective security solution. In addition, Kaspersky Lab, together with other security vendors and law enforcement agencies, is constantly working on detecting the criminal servers that store decryption keys and retrieving the keys from them. From a consumer perspective, what’s really important is that ransomware is reported to law enforcement agencies to help fight this threat.”
Kaspersky Lab offers multi-layered protection against this widespread increasing threat. Kaspersky Lab’s solutions combat all known types of ransomware to secure user data. With these solutions in place, most ransomware is “caught” when it is attempting to penetrate a device. Even if malware does manage to sneak through, there is another layer of protection – System Watcher technology – that is able to block and roll back malicious changes made on a device, such as the encryption of files or blocked access to the monitor.
To further help the situation, Kaspersky Lab recommends users stop paying ransoms to criminals. The No More Ransom initiative, launched by the Dutch National Police, Europol, Intel Security and Kaspersky Lab, is sharing decryption tools to help victims recover their data without paying a ransom. The project, since its launch two months ago, has already helped more than 2,500 people successfully decrypt their data. Tools for decryption, and more information, can be found on the No More Ransom project website.