Professional Documents
Culture Documents
Ransomware Report Final
Ransomware Report Final
Since ransomware is widely recognized throughout the cybersecurity community as a significant cyber threat, Kaspersky
Lab wanted to gain insight into consumers’ understanding about serious cyber threats like ransomware. The company
also wanted to know if they are taking adequate action to safeguard their digital lives from such threats.
To help us gain this knowledge, Kaspersky Lab commissioned the research firm Opinion Matters to survey over 5,000
consumers in the United States and Canada, aged 16+.
The study results suggest consumers are unaware of ransomware, are not worried about ransomware attacks, and
don’t know what type of data can be stolen during this type of attack.
The findings also highlight that there is a discrepancy between the spread of ransomware attacks and what consumers
actually know about the topic.
• More worrisome is the fact that 43% of Americans and 46% of Canadians admitted to not knowing what type of data
or information can be stolen during a ransomware attack.
• When facing a ransomware attack, consumers are unsure of how to remediate the damage, with 25% of all participants
believing that disconnecting the computer from the internet could stop the attack. Also, 15% of Americans and 17%
of Canadians think unplugging the computer or turning off the mobile device could stop it, with a small amount
believing negotiating with the attacker is the best way to stop the attack.
• Despite the risk of losing digital assets like photos, videos and audio files, most (53%) are not willing to pay a ransom.
On average, respondents would be willing to pay only a small amount to recover their personal digital files – less
than the average consumer pays monthly for lunch.i
• Surprisingly, 26% of Americans and 24% of Canadians said they would be willing to give up social media permanently
in order to guarantee the future protection of their personal digital files.
• The top three things respondents were most concerned with losing were their bank account information, their social
security number and their credit card details. Female respondents were more concerned about losing personal
photos than their male counterparts (18% compared to 12% of males in the U.S. and 21% compared to 12% of males
in Canada)
• Despite a lack of knowledge about ransomware, a sizable amount of consumers are using internet security on their
devices, with only 11% of U.S. respondents and 12% of Canadian respondents indicating that they don’t have internet
security installed on any of their personal digital devices.
Beyond industry reports, this type of malware is making front page headlines,
attacking everything from personal computers and smartphones to hospitals
and police departments. Mobile phones are being attacked by malware like
Dogspectus, a ransomware sample that infects smartphones and tablets via drive
by download. Even Macs users are not safe; the KeRanger malware maliciously
encrypts a hard drive and then asks for payment to allow the user to decrypt the
disk and access their data.
During the last two years, the U.S. Federal Bureau of Investigation (FBI)
processed about 4,200 ransomware complaints and estimated victims
lost more than $47 million.v These complaints include victims like
Hollywood Presbyterian Medical Center in California and the
Tewksbury Police Department in Massachusetts, both of which suffered
at the hands of ransomware attackers and ended up paying the ransoms.
As part of its commitment to help people protect what matters most in their
online-enabled world, Kaspersky Lab commissioned this research to explore
consumer awareness of ransomware across the United States and Canada.
RESEARCH METHODOLOGY
The quantitative study was undertaken by research firm Opinion Matters, which
surveyed 4,121 adults aged 16+ from the United States, and 1,023 adults aged 16+
from Canada. The survey was undertaken online from March 2016 to April 2016.
The results revealed that consumers today do not know about ransomware,
are not worried about ransomware, and don’t know what data can be stolen
from them during this type of attack.
For many consumers, ransomware is not top of mind. The top three cyber Only 16% of American
threats respondents are currently most worried about are viruses (USA: 75%, respondents and 13% of
Canada: 68%), spyware (USA: 55%, Canada: 48%), and Trojans (USA: 52%, Canadian respondents said
Canada: 45%). ransomware was one of the
top five cyber threats they
When looking at some of the survey demographics, of the small amount that were most worried about.
was concerned with ransomware attacks, more males were worried about
ransomware. In the U.S., 22% put it in their top five cyber threats, compared
to 15% of females.
Chart
Title
Figure 1: Consumer response to what can be stolen in a ransomware attack
43%
I don’t know what can be stolen in a ransomware attack
46%
38%
Access to a computer system
33%
38%
Passwords
36%
33%
Documents
29%
32%
Financial information
28%
31%
Social media login information
29%
31%
Social security numbers
26%
30%
Photos
28%
23%
Money
21%
19%
Apps
18%
6%
Other
7%
U.S. Canada
US Canada
This could indicate a lack of knowing what digital files should be protected. Several respondents declared
Not knowing that cybercriminals can take personal documents, photos, videos, that they would be willing to give
audio files and lock them out of a person’s reach, can leave people vulnerable. up social media permanently in
Especially as only 31% believe financial information could be taken during a order to guarantee the future
ransomware attack. protection of their personal
digital files (26% of Americans
Despite not knowing that personal information could be stolen, the findings and 24% of Canadians).
highlighted the elevated importance that consumers placed on the personal
data they store on digital devices and the fact that they cannot live without their
digital files.
Figure 3: What consumers worry most about losing in a cyber crime attack
Bank account information 78%
Home address 9%
Work documents 4%
Date of birth 6%
Telephone number 3%
“Today’s consumers store so much on their devices. More stuff than they even realize. The problem
is, many of them are not thinking ‘what if I lose access to all my photos, music, videos?’ when that is
exactly what they should be worried about and preparing for. Learning how to protect yourself against
it is so simple and necessary, especially if the data is of great value to you and you felt like you could
not do without it if you were attacked by ransomware. If you value your personal data – protect it.”
Ryan Naraine, Head of the Global Research and Analysis Team, USA, Kaspersky Lab.
When asked ‘if you fell victim to a ransomware attack, what do you think could
stop the attack?’ The majority of respondents wouldn’t know what steps to take
in response to a ransomware attack (46%). The findings also indicated that the
percentage of respondents who would not know what steps to take grew with
increasing age, from 37% of those aged 16-34 to 54% of those aged 55+.
More concerning, 15% of Americans and 17% of Canadians think unplugging the
computer or turning off the mobile device could completely stop it, with a small
amount believing negotiating could stop the attack.
Although not the recommended method for attempting to stop an attack for
several reasons, 24% of respondents said that paying a ransom to access the files
could stop the cybercriminals from continuing to take hold of a digital device.
While many people may not know the way to stop an attack, many would
not be willing to give in to the demands of the attackers. Over half (53%) of
respondents are not willing to pay a ransom. Of those that would pay a ransom
to recover use of their device or personal files, respondents would be willing to
pay, on average, only a small amount to recover their personal digital files – less
than the average consumer pays monthly for lunch.
One promising aspect shown by the data is that those surveyed are using internet
security on their devices. More than three fourths (77%) of respondents who
have personal devices have internet security installed on a PC, laptop computer
or Mac, 47% have it on a smartphone, and 31% have it on a tablet.
However, 11% of Americans and 12% of Canadians don’t have internet security
installed on any of their personal digital devices. This is slightly better than the results
of the Digital Amnesia study, which found one in four (28%) does not protect any of
their devices with additional security.viii
I don’t have internet security installed on any of my personal digital devices 11%
In addition, consumers are regularly backing up their files. Almost all (84%) of
survey participants said they back up their digital files that are stored on their
personal devices. The top three ways of backing up digital files were by using the
cloud, an external hard drive and by using email.
“Ransomware is a growing epidemic in 2016 and we are likely to see it continue in the near future.
Although it has been around for more than a decade, we have seen a recent explosion of new
ransomware families that is cause for concern. For cybercriminals, ransomware is a popular and
effective method of making money by preying on weaknesses in consumers. As long as people are
willing to click on attachments in emails or visit suspicious websites to see the latest viral video,
cybercriminals will continue to use ransomware long into the future.”
Ryan Naraine, Head of the Global Research and Analysis Team, USA, Kaspersky Lab.
Although many people have the right idea when it comes to not paying the attacker, and many backup their digital
files, being informed is one of the best defenses against ransomware.
Furthermore, the results of this study demonstrate that if people value their digital life – pictures, documents, videos,
passwords, etc. – then proper security steps need to be taken, including using an advanced internet security solution
and routinely backing up their files.
Ransomware is a growing cyber threat that impacts consumers of all ages and will continue to be a threat as long as
cybercriminals can continue a monetary gain from it. Kaspersky Lab is committed to helping people understand the
threats they face in the cyber world and empowering them to effectively address and prevent those threats in order to
keep both consumers and their data protected.
“To combat ransomware now and in the future, consumers (and businesses) need to have a multi-
layered approach to staying safe. The use of modern anti-malware technology with proactive
protections along with regularly backing up important files and making sure they are stored offline is
imperative. Add in some common sense when it comes to clicking on attachments and strange links,
and you can minimize your exposure to risk.”
Ryan Naraine, Head of the Global Research and Analysis Team, USA, Kaspersky Lab.
Kaspersky Lab
500 Unicorn Park, 3rd Floor Woburn, MA 01801 USA
Tel: 866-563-3099 | Email: corporatesales@kaspersky.com
To learn more visit us at: usa.kaspersky.com
© 2016 AO Kaspersky Lab. All rights reserved. Registered trademarksand service marks are the property of their respective owners.