Ransomware Victims Rarely Regain All Data After Paying Ransom

Kaspersky: Ransomware Victims Rarely Regain All Data After Paying Ransom

Written by Edward Gately
March 30, 2021

Kaspersky recommends not paying the ransom if a device is locked.

Just because ransomware victims pay the ransom doesn’t guarantee they’ll get back all of their stolen data.

That’s according to a new global survey conducted by Kaspersky. It polled 15,000 consumers. However, Matt Courchesne, head of channel for Kaspersky North America, said “as we all know, ransomware is a threat to consumers and businesses alike.”

More than half of ransomware victims paid the ransom to restore access to their data last year. Yet for 17% of the people who paid, that did not guarantee the return of their stolen data.

The percentage of victims who paid the ransom last year was highest among those ages 35-44, with two-thirds having paid. That compares to just over half of those ages 16-24 and only 11% of those over 55.

The reason older generations are less inclined to pay ransom is because they’re typically less reliant on technology, Courchesne said. So they likely have less digital data and are less inclined to pay ransom to restore access to it.

Whether they paid or not, only 29% of all victims were able to restore all their encrypted or blocked files following an attack. One-half lost at least some files, 32% lost a significant amount, and 18% lost a small number of files. Meanwhile, 13% who did experience such an incident lost almost all their data.

Avoiding Ransomware

Kaspersky’s Matt Courchesne

“Avoiding infection comes down to basic rules of cyber hygiene,” Courchesne said. “It is important to never download suspicious files, click on suspicious links or open email attachments that are coming from unknown senders. In addition, it is important to update your operating system and software to eliminate recent vulnerabilities and back up your files regularly so that even if ransomware blocks your data, you can recover it without paying a ransom. Last but not least, use a reliable security solution that protects personal and corporate devices not only from ransomware, but from a variety of cyberthreats.”

About 39% of those surveyed claimed they were aware of ransomware over the past 12 months. It’s important that this number rises as remote working becomes more prolific, Kaspersky says. It’s vital they understand what to look out for, and what to do if they encounter ransomware.

“We have seen an increase in the average demand for ransoms,” Courchesne said. “In addition, there is always a chance for attackers to increase their profits by extorting more from the same target.”

Kaspersky recommends not paying the ransom if a device is locked. That only encourages cybercriminals to continue their practice. Instead, contact local law enforcement and report the attack.

In addition, try to find out the name of the ransomware trojan. This information can help cybersecurity experts decrypt the threat and retain access to your files.