Ransomware has proven to be a lucrative tool for cyber-criminals targeting large enterprises and verticals like healthcare—gambits that can bring in tens of thousands of dollars for one attack. But it turns out that consumers are at risk too.
Research from cybersecurity firm Trustlook found that consumers are increasingly being targeted with ransomware—and, perhaps surprisingly, many of them are paying up. A full 38%, in fact, get out their wallets in hopes of clearing the issue.
Most users are completely unaware of the threat posed by ransomware attacks—in fact, 45% of consumers don't know what ransomware is. Thus, they’re not prepared to handle them. Trustlook’s research shows that this lack of awareness and apathy is resulting in insufficient action taken to protect devices and data: One quarter (23%) of consumers do not backup the files on their computer or mobile device.
Only about half (48%) of consumers are not worried about becoming a victim of a ransomware attack.
“Ransomware is malicious software that locks all files on a targeted computer or network until the owner pays the ransom,” the firm said. “While it’s true that hackers may have more to gain from large organizations, experts say they see consumers, with their lack of sophistication in security, as lower-hanging fruit. Because consumers usually have fewer information security resources than large organizations, breaches are far easier to achieve and are more likely to have a meaningful impact, and thus are more likely to result in a payment.”
Other findings include the fact that 17% of consumers have been infected with ransomware. The average dollar range of payouts was $100-$500.
Since the beginning of 2016, ransomware has gone from a relatively exclusive category of malware utility to a mainstream destructive tool used in wave after wave of phishing attacks against individuals and companies alike. There are a few reasons for this, according to the report: Ransomware is delivered primarily via a phishing email, which means consumers and employees, who are the last lines of defense in any security stack, must be trained to identify it in order to prevent it. This has made traditional security measures, such as antivirus tools, less effective. In addition, the rise of crypto currencies such as Bitcoin have had a dramatic impact on the number and type of cybercrime opportunities. These tools have become the engine of cybercrime by making it safe and easy to transfer money anonymously.
For consumers who are worried that they might become a victim of ransomware, the advice is simple: “Backup your data to multiple devices, and to at least one device that is not connected to a network,” says Allan Zhang, co-founder and CEO of Trustlook. “Also, be cautious of emails by checking the sender’s email address before clicking any link.”