Story image

Kaspersky Lab says "stay fearless and don’t pay the ransom!”

07 Nov 16

While the debate rages on about whether or not to pay the ransom fine when victims have been stung by a ransomware attack, Kaspersky Lab has proven that paying the ransom does not guarantee ever getting encrypted files back. Instead, it only supports cyber criminals.

The Kaspersky Consumer Security Risks Survey 2016 has found that 17% of respondents have been victims of ransomware, with 6% having their files held at ransom.

36% of victims will fork out the ransom demands, but one in five will still not get their files back. In fact, the survey found that 17% of victims have lost their data as a result of infection. Of those, 28% could restore all files.

Even more concerning is that 24% of internet users don't fully understand the threat of ransomware, Kaspersky says.

With these kinds of odds, Kaspersky is warning users not to pay the demands, but instead report the crimes to authorities.

"As our study shows, there is no guarantee that paying the ransom will actually give you access to your encrypted data so stay fearless and don’t pay the ransom. Kaspersky Lab, together with other security vendors and law enforcement agencies, are constantly working on detecting the criminal servers that store decryption keys and retrieving the keys from them," says Noushin Shabab, Senior Security Researcher at Kaspersky Lab ANZ.

"From a consumer perspective, what’s really important is that ransomware is reported to law enforcement agencies to help fight this threat. Again we encourage all, don’t pay the ransom,” Shabab says.

Kaspersky recommends users use up-to-date security solutions and encryption. In addition, the company is further encouraging people not to pay ransom demands, and has taken the message worldwide.

The global activities include the No More Ransom initiative, a joint effort between Kaspersky Lab, Europol, Intel Security and the Dutch National Police. The project has helped more than 2500 decrypt their data in just two months, the company reports.

Tensions on the rise after Huawei CFO arrest
“Recently our corporate CFO, Meng Wanzhou, was provisionally detained by the Canadian authorities on behalf of the United States of America."
Palo Alto Networks integrates RedLock and VM-Series with AWS Security Hub
AWS Security Hub is designed to provide users with a comprehensive view of their high-priority security alerts and compliance status.
Juniper simplifies data integration to improve threat detection
Updates to the Juniper Advanced Threat Prevention Appliances leverage third-party firewalls and security data sources.
Is mobile shopping compromising your enterprise security?
When employees do their holiday shopping on company resources, security teams have a challenge with the surge in browsing and online transactions.
Different approach to malware detection needed – VMware
Security needs to move away from the traditional approach of chasing after arbitrary forms of malware.
Modernising ERP systems can help organisations comply with GDPR
“Organisations need to look for modern ERP systems that are specifically designed with GDPR in mind."
APRA Prudential Standard CPS 234: How to communicate with the board
The Australian Prudential Regulation Authority’s standard, CPS 234, is aimed at minimising the threat of cyber attacks for APRA-regulated entities.
Cyber attacks develop complexity, target Windows sysad tools - report
The report explores changes in the threat landscape over the past year, uncovering trends and how they are expected to impact cybersecurity in 2019.