More than half of ransomware victims pay up, but only 15% see full data returned, survey finds

Kaspersky study included 15,000 people from various countries, including the UAE

Scammers often steal passwords by infecting people’s phones by a malware or dupe them into revealing it.
Powered by automated translation

More than half (52%) of ransomware victims handed over money to restore access to their data last year, according to a global study of 15,000 consumers conducted by global security company Kaspersky.

However, 15 per cent of people who did pay the ransom found it did not guarantee the return of their data.

Ransomware is a virus that uses encryption to hold a victim's information at ransom. Criminals encrypt an individual's or organisation's important data so that they cannot access files, databases or applications. A payment is then demanded in return for the decryption code.

Handing over money doesn't guarantee the return of data, and only encourages cybercriminals to continue the practice

With more people working remotely from home, the threat of ransomware is growing, as is the need to raise public awareness about cybercrime.

Eighty per cent of those surveyed said they use a personal computer to work from home and 23 per cent admitted always giving applications access to microphones or webcams.

Kaspersky’s report, ‘Consumer appetite versus action: The state of data privacy amid growing digital dependency’ revealed that 56 per cent of those surveyed had been targeted by ransomware.

For 28 per cent of those targeted, the estimated loss was less than $100 (Dh367). Nearly half of victims (43 per cent) said the loss ranged from $250 to $1,999. The top end of payouts was between $2,000 and $4,999, which affected 3 per cent of victims.

Regardless of payment, only 17 per cent of those targeted were able to restore all of their encrypted data. More than half lost at least some files, and 13 per cent of those targeted lost everything.

“This shows we have seen a significant proportion of consumers paying a ransom for their data over the past 12 months," said Marina Titova, head of consumer product marketing at Kaspersky.

"But handing over money doesn’t guarantee the return of data, and only encourages cybercriminals to continue the practice. Therefore, we always recommend that those affected by ransomware do not pay as that money supports this scheme to thrive.

“Instead consumers should make sure to invest in initial protection and security for their devices and regularly back up all data. This will make the attack itself less appealing or lucrative to cybercriminals, reducing the use of the practice, and presenting a safer future for web users.”

Kaspersky recommendations if you find yourself a victim of ransomware:

  • Do not pay the ransom if a device has been locked. Paying extortionate ransoms only encourages cybercriminals to continue their practice. Instead, contact your local law enforcement agency and report the attack
  • Try to find out the name of the ransomware Trojan. This information can help cybersecurity experts decrypt the threat and retain access to your files.
  • Avoid clicking links in spam emails or on unfamiliar websites and do not open email attachments from senders you do not trust
  • Never insert USBs or other removal storage devices into your computer if you do not know where they came from
  • Protect your computer from ransomware with a comprehensive internet security solution like Kaspersky Internet Security
  • Backup your devices so your data will remain safe if you do experience a ransomware attack