Kaspersky shares new survey data on employee perceptions of and readiness for ransomware attacks
Kaspersky research experts observe that roughly 900,000 to almost 1.2 million users are targeted by ransomware every six months, and ransom amounts cost up to $1,032,460 on average. With these staggering numbers in mind, Kaspersky sought to understand why these attacks are becoming more prevalent in business environments.
When asked whether they could define ransomware, 37% of respondents were unable to accurately define the term, which is described as when a computer system is held to ransom, restricting access to files and demanding the user pays a ransom to remove the restriction. Given the lack of awareness around this attack vector, it is clear why cyberattackers are more prone to this strategy, as they are able to more easily and successfully target a larger community of users with lucrative, accessible funds.
Among respondents who have previously experienced a ransomware attack, 2 in 5 (40%) said they also would not know the immediate steps to take in response to a ransomware attack, highlighting their continued lack of concern and education over this financially devastating cyber-attack. Additionally, 30% of people who have experienced a ransomware attack appropriately responded that disconnecting a computer from the internet would be the best first step to take to stop an attack.
Given that business employees are unaware of ransomware and its effects, the question of who is most responsible for combating these attacks also brought to light that 68% of respondents feel that IT security teams should be held most responsible for safeguarding private employee information by having the proper security protections in place to defend against ransomware attacks. A further breakdown of this question found that men were more trusting, with 1 in 10 (10%) male respondents versus 1 in 14 (7%) female respondents reporting they have complete trust that their organization will keep private information safe and successfully stop a ransomware attack.
Unlike other types of cyberattacks, ransomware touts the promise that if a financial payment is made to attackers, victims will regain access to their computers, private files, and information. That might lead employees to believe that simply paying a ransom will restore their IT infrastructure to normal. However, Kaspersky experts never recommend paying a ransom. This advice falls in line with how business employees feel about paying a ransom: just over two thirds (67%) of respondents in North America would not be willing to pay any amount of money to recover personal digital files or devices they could no longer access if they fell victim to a ransomware attack.
“When it comes to the question of paying a ransom, our recommendation is to never pay a ransom, and there are a few reasons for this,” said Brian Bartholomew, Principal Security Researcher, Global Research and Analysis Team at Kaspersky North America. “First, paying a ransom will never guarantee that all of your data will be returned – it might be partially returned or not at all. There is also no way to tell if your information has been sold in underground markets once obtained. Second, paying a ransom only encourages cybercriminals to further carry out these attacks as they are one of the most financially profitable attacks malefactors can perform. The more business organizations give in to ransomware attacks, the more we will see them continue to trend in the threat landscape.”