The debate over whether ransomware victims should ‘pay up’ could be redundant, because large numbers of victims don’t actually get their files back, even if they have paid the cybercriminals. That’s according to a study by the IT security product company Kaspersky Lab. The IT firm found that over a third of victims (36 per cent) choose to pay a ransom to release their files after a ransomware attack, but one in five users still don’t get their files back. As a result, the firm is urging users not to give in to ransomware criminal demands, but to report crimes to the authorities instead.
The findings, which are part of the Kaspersky Consumer Security Risks Survey 2016, show the scale of the ransomware threat and the severe consequences for people’s data. Almost one in five consumers (17 per cent) has been affected by ransomware, with six per cent actually having their files held at ransom by cybercriminals as a result.
Ransomware cyber-attack victims are often faced with the difficult decision of whether to pay the financial ‘ransom’ demand – fueling the criminals’ business – or not. However, the new research shows that paying the ransom is not even a guarantee that access to data will be restored. When infected with ransomware, nearly half (47 per cent) have almost all of their files encrypted and a quarter (26 per cent) have a significant number of files encrypted. Moreover, 17 per cent have lost all of their data as result of infection, and only 28 per cent could restore all their files. Despite this, almost a quarter (24 per cent) of Internet users are still not fully aware of the threat of ransomware.
Andrei Mochola, Head of Consumer Business at Kaspersky Lab, said: “We urge all ransomware victims, whether they are large organisations or single individuals, not to pay the ransom demanded by criminals. If you do, you will be supporting the cybercriminals’ businesses. And, as our study shows, there is no guarantee that paying the ransom will actually give you access to your encrypted data. The best way to protect yourself and your files from ransomware is with an effective security solution. In addition, Kaspersky Lab, together with other security vendors and law enforcement agencies, is constantly working on detecting the criminal servers that store decryption keys and retrieving the keys from them. From a consumer perspective, what’s really important is that ransomware is reported to law enforcement agencies to help fight this threat.”
The firm says it recommends users stop paying ransoms to criminals. The No More Ransom initiative, launched by the Dutch National Police, Europol, Intel Security and Kaspersky Lab, is sharing decryption tools to help victims recover their data without paying a ransom. The project, since its launch two months ago, has already helped more than 2,500 people decrypt their data. Tools for decryption, and more information, can be found on the No More Ransom project website.
