Many consumer victims of ransomware scams fail to get access to their data even after they pay off extortionists, according to a survey by Kaspersky.
The poll found that close to half (46%) of UK ransomware victims paid the ransom to restore access to their data last year, yet even for an unfortunate 11% of those that shell out, paying the ransom did not guarantee the return of stolen data.
Whether they paid or not, only 18% of UK victims surveyed were able to restore all their encrypted or blocked files following an attack.
More than half (55%) lost at least some files, 35% lost a significant amount, and 20% lost a small number of files. Meanwhile, 13% who did experience such an incident lost almost all their data.
The figures are based on the UK segment of a multi-national poll (PDF) of 15,000 consumers commissioned by Kaspersky.
Marina Titova, head of consumer product marketing at Kaspersky, commented that “handing over money doesn’t guarantee the return of data, and only encourages cybercriminals to continue the practice”.
Kaspersky advises users to regularly back up their data and use security software in order to safeguard against potential ransomware infestation.
Consumers are advised to avoid clicking links in spam emails or visiting unfamiliar websites. Caution in opening email attachments from senders you do not trust, or in using USB discs of uncertain origin, is also advised.
Shakedown
Ransomware is a form of malware that either encrypts data or (less commonly) locks users out of their devices. Victims are told they need to pay in order to get access to encryption keys that will supposedly unlock their compromised data.
Payments are typically levied in digital currency typically bitcoin, with prices that escalate in time in order to further coerce unfortunate marks into paying up.
A recent study by cyber intelligence firm Group-IB separately estimated that the number of ransomware attacks grew by more than 150% in 2020.
Ransomware attacks not only grew in number, but also in scale and sophistication – the average ransom demand increased by more than twofold and amounted to $170,000 in 2020.
Demands when enterprises are targeted are obviously higher than those thrown against consumers, and Kaspersky was unable to offer an estimate for the difference at the time of going to press.
Kaspersky’s survey was released on the eve of World Backup Day (March 31).
Source: https://portswigger.net/daily-swig/ransomware-nearly-a-fifth-of-victims-who-pay-off-extortionists-fail-to-get-their-data-back