Here's another reason not to negotiate with ransomware scammers

(Image credit: Shutterstock)

Only a small proportion of companies who pay up to ransomware hackers ever see all their data returned in full, new research has claimed.

A report from Kaspersky polling 15,000 of its customers found just below half (46%) paid the ransom - but for just over a tenth of those companies (11%), paying up did not guarantee the return of stolen data.

Analyzing all the victims (paying and non-paying ones), less than a fifth (18%) managed to restore the locked files, while the majority (55%) managed to partially retrieve them. A third (35%) lost a “significant amount”, while 13% lost almost all of their data, with a fifth saying they had lost some files.

Ransomware is a form of malware in which the victim’s devices, networks, and cloud-based solutions are encrypted. The victim is required to pay for the decryption key, most often in Bitcoin, or other cryptocurrencies. In many cases, criminals will also steal the files before encrypting them and will threaten to sell or release the data online unless the demand is met. 

Unlike the advice recently given out by the FBI, Kaspersky recommends not paying the ransom, arguing that it does not guarantee the victim its files back, but it does guarantee criminals being additionally motivated for more ransomware attacks. It also does not guarantee that the victim won’t be targeted again in the future.

Instead, the company says victims should notify law enforcement agencies and try to find out the name of the Trojan that was used, as there is a chance that cybersecurity experts could find a decryptor. Employers are also encouraged to educate their workforce on the dangers of phishing and online fraud, as well as set up industry-standard back-up solutions. Obviously, a strong antivirus solution is a must.

“This data shows we have seen a significant proportion of consumers paying a ransom for their data over the past 12 months. But handing over money doesn’t guarantee the return of data, and only encourages cybercriminals to continue the practice. Therefore, we always recommend that those affected by ransomware do not pay as that money supports this scheme to thrive,” said Marina Titova, Head of Consumer Product Marketing at Kaspersky.

 “Instead, consumers should make sure to invest in initial protection and security for their devices and regularly back up all data. This will make the attack itself less appealing or lucrative to cybercriminals, reducing the use of the practice, and presenting a safer future for web users.”

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.