Because it pays!
In fact, it pays very well indeed.
Forty-four percent of the time.
And those behind it are hardly likely to get caught either.
The perfect crime, some may say.
So just how much are people prepared to pay to get their encrypted data back? Well, according to Bitdefender, the answer is a good chunk of change, as 31% of the 1,906 respondents in a recent survey said they would hand over four hundred British pounds to get their mitts on their holiday snaps and lawfully downloaded movie collections.
But what if the price was a bit lower?
As those of us in security circles know, the going rate for low-level ransomware has been nearer £300 lately. Would that price tempt a few more people out of saying “sod it” and starting the reformat and reinstall game?
Why, yes, it would.
Bitdefender says 44% of British ransomware victims have handed over the cash to recover their encrypted data.
That’s a lot of money!
In fact, it’s enough to encourage victims and non-victims alike to make regular backups.
Well, hopefully, as 39% of ransomware victims think they’ll get stung again. And you know what? They’re probably right. Once bitten, forever marked as someone who pays they shall be, thus inviting all manner of ill fortune upon themselves in the future.
Catalin Cosoi, Bitdefender’s chief security strategist, said:
The ransomware phenomenon has been hitting internet users and generating huge profit for cybercriminals for years. While victims are usually inclined to pay the ransom, we encourage them not to engage in such actions as it only serves to financially support the malware’s developers. Instead, coupling a security solution with minimum online vigilance could help prevent any unwanted ransomware infection.
Brian Honan, our CEO, says:
- Keep your software patched and up to date.
- Employ reputable anti-virus software and keep it up to date.
- Back up your data regularly and, most importantly, verify that the backups have worked and you can retrieve your data.
- Make staff and those who use your computers aware of the risks and how to work securely online.
And I say:
Never pay ransoms as that will… lead to more ransoms in the future. Inform law enforcement and, if at all practical, keep your customers informed as to what is going on. Also, be on your guard for ransomware on non-Windows devices and be aware that newer variants, such as Chimera, also employ doxing, meaning they will pepper your ransomed files (unencrypted) all over the internet if you don’t pay up.