A global study has revealed that 42% of ransomware victims in South Africa paid the ransom to restore access to their data in 2020 and that for 19% of those, paying the ransom did not guarantee the return of stolen data.
The research, named ‘Consumer appetite versus action: The state of data privacy amid growing digital dependency’, was conducted on 15000 consumers by global security firm Kaspersky.
Ransomware is a type of malware which criminals use to extort money. It holds data to ransom using encryption or by locking users out of their device.
The report found that, for around a third respondents (36%), the estimated money loss was less than $100, for 31% – $100 – $249, and for 19% it ranged from $250 to $1999.
It also revealed that whether they paid or not, only 24% of victims were able to restore all their encrypted or blocked files following an attack.
Up to 61% of victims lost at least some files, 32% lost a significant amount, and 29% lost a small number of files. Meanwhile, 11% who did experience such an incident lost almost all their data.
Commenting on the report, Marina Titova, Head of Consumer Product Marketing at Kaspersky said, “This data shows we have seen a significant proportion of consumers paying a ransom for their data over the past 12-months. But handing over money doesn’t guarantee the return of data, and only encourages cybercriminals to continue the practice. Therefore, we always recommend that those affected by ransomware do not pay as that money supports this scheme to thrive.”
At present, 32% of those surveyed in South Africa claimed they were aware of ransomware over the past 12-months.
Kaspersky noted that, it is important that this number rises as remote working becomes more prolific. To better help consumers protect themselves as they learn more about this form of cyberattack, it is vital that they understand what to look out for, and what to do if they encounter ransomware.
“Consumers should make sure to invest in initial protection and security for their devices and regularly back up all data. This will make the attack itself less appealing or lucrative to cybercriminals, reducing the use of the practice, and presenting a safer future for web users,” concludes Titova.