Skip to main content

Concerned about cybercrime? Chances are, you’re not doing much to protect yourself

tonsnoei / 123RF Stock Photo
Many people are sitting ducks for ransomware. Two security firms recently published the results of surveys that showed people may worry about cybercrime, but they don’t do much to for protection, leaving themselves vulnerable. A study by U.K.-based Sophos, and another survey by Radware asked different questions about cybercrime and ransomware, but in each case found that, unlike businesses, individuals are all over the place when it comes to actually preparing for and preventing cyberattacks.

This also applies to cases  in which data was held hostage by ransomware. An IBM Ransomware study of business and consumer knowledge focused on responses to ransomware threats. The study showed that in general, the average person has a lack of awareness of ransomware, little or no preparatory action, and unfounded confidence in their own knowledge of how to respond.

Cybercrime concern

In the Sophos survey, the company found people in the United States, United Kingdom, Germany, Austria, and Switzerland are more concerned about cybercrime than more personal physical attacks. Regarding computer security issues, 63 percent worried about losing money, 61 percent about having their computers hijacked, and 58 percent feared losing control of their computers. In contrast, 46 were concerned with physical assault or stolen cars, 52 percent about home robberies, and 56 percent about terrorism.

For all their concern, however, the people surveyed were largely unaware of the severity of cybercrime risks. About half weren’t aware of email phishing — a primary gateway cyberattack — or if they did know about it, they didn’t think it was much of a threat. More than 30 percent either considered ransomware a low threat or said it was one they knew nothing about, even though ransomware is the greatest current problem.

“People understand how to protect their home or car — they feel they’ve got the physical world covered. Whereas cybercriminals are invisible and the virtual crime world is unpredictable and complicated, especially when it comes to cyber threats like phishing and ransomware,” said John Shaw, Sophos vice president, Enduser Security Group.

Who’s responsible for home network protection?

Radware took a different approach and hired Harris Polls to ask people who they thought should be responsible for protecting against Internet of Things botnet attacks and what they’d do if their personal data was held hostage for payment by a ransomware attack.

When Radware asked about botnets, the people surveyed stated that hackers can hijack digital devices in respondents’ homes to launch attacks over the internet. Radware then asked who they thought should be held responsible to prevent such attacks from happening (it was OK to give multiple answers). Of those who responded to the question, 69 percent thought the device manufacturers are responsible, 55 percent put the onus on internet and cell phone service providers, and 43 percent thought individuals themselves are responsible for keeping home networks and devices secure.

Would you pay a ransom for your personal files?

An interesting split occurred when Radware asked how much, if anything, respondents would pay to unlock their personal files if their data was held hostage by ransomware. While two-thirds of respondents said they wouldn’t pay anything, the responses broke out clearly by age groups. Younger people were more willing to pay and would pay more than older people.

In the 18-34 age group 37 percent said they’d pay, 34 percent of the 35- to 44-year-olds, 15 percent of the 45- to 54-year-olds, 14 percent of the 55- to 64-year-olds, and only 9 percent of the 65 years or older respondents would pay anything. Of those who said they would pay a ransom, the same inverse correlation appeared. Of those who would pay $200 or more to regain their data, that willingness ranged from a high of 21 percent of the 18- to 34-year-olds to a low of 3 percent of the 65 and older group.

Unaware, unprepared, and overconfident

IBM’s consumer ransomware survey found that only 31 percent of respondents had even heard of ransomware, while 75 percent were confident they could protect their data on their own computers and 67 percent believed they could protect their mobile devices. Overall, 59 percent had taken no action in the previous three months to protect their systems, although among the group who had heard of ransomware, the same proportion (59 percent) had taken proactive protection steps.

Breaking down what people said they actually did for preventive action, 71 percent of the respondents said that action consisted of not opening suspicious attachment or links in emails and texts. Other protective steps included changing passwords (59 percent) and avoiding public Wi-Fi access points (48 percent).

IBM security reported it saw a lot of action in the period around Black Friday and Cyber Monday as cybercriminals loaded malicious emails masked as coming from Amazon with links for deals or for package shipment tracking. As soon as someone clicked one of those links, Locky Ransomware was downloaded and quickly encrypted all files. That would be a Black Friday, indeed.

As in the Radware survey, the IBM study found that most people wouldn’t pay to get their data back. Breaking it down, they were willing to let health records and family photos stay locked up but 54 percent said they’d pay to get their financial records back. Also, like the Radware findings, IBM found Millennials were more likely than other age groups to pay a ransom. The IBM study found a greater willingness among parents to pay to free up digital photos (55 percent) than non-parents (39 percent).

When it came to payment, an interesting dichotomy arose. Most who said they’d pay put a limit of $100 on their willingness. However, cybercriminals usually demand between $200 and $10,000. According to IBM, while people say they’ll only pay a fairly small amount, they likely end up paying more. Data gathered from cybercriminal sources indicates a high “success rate” with ransomware. CryptoLocker operators claimed 41 percent payment rates in a Time article cited by IBM.

Because of anonymity and difficulty tracing payments, most ransomware demands payment in Bitcoin. Most ransomware sets a time limit for payment, often with a big ticking countdown clock on the computer screen. One issue that arises is that people who don’t know about or how to pay in Bitcoin sometimes lose their data by not paying on time even when they want to pay. As a result, some of the ransomware networks provide helpful information and links or even have customer support lines to help victims make the payments.

What you can do

If you’re concerned about the growing threats of botnets, malware, and ransomware, and you’re willing to take steps to protect yourself, you don’t have to keep bitcoin on hand to pay ransom for your computer and get your information back.

First, be sure to back up your data, locally and in the cloud. Back it up often, like clockwork. Only you can decide how often is often enough to back up your data — weekly or monthly backups are probably sufficient for most people.

Second, be sure you have, use, and update strong computer antivirus and security programs and be sure to use them with all computers that access your home network. Speaking of home networks, especially if you have smart home components, take the steps to find out how to protect your home computer network and any smart home connected devices in your home. Many malware and botnet attacks in 2016 got in through vulnerable smart home devices.

The last step is to be diligent about not being snagged by phishing campaigns. Inform or train other people with computer access in your home not to automatically click on any unexpected video, image, music, or document files sent via email or on social media, even if you know the people who sent them. Social media identity theft is way up, often specifically for the purpose of baiting the friends of the people whose IDs were stolen with phishing campaigns.

Precaution may not be fun, but it works.

If you are a cybercrime victim

If you are victimized by ransomware or other cybercrime or suspect you are, IBM recommended that you report the crime to the FBI’s Internet Crime Complaint Center. Just like on TV crime shows with kidnapping plots, the FBI strongly discourages people from paying ransom to free up your data, because even if you pay, there’s no guarantee you’ll ever see your files again.

Bruce Brown
Bruce Brown Contributing Editor   As a Contributing Editor to the Auto teams at Digital Trends and TheManual.com, Bruce…
ChatGPT’s new Pro subscription will cost you $200 per month
glasses and chatgpt

Sam Altman and team kicked off the company's "12 Days of OpenAI" event Thursday with a live stream to debut the fully functional version of its 01 reasoning model, as well as a new subscription tier called ChatGPT Pro. But to gain unlimited access to these new features and capabilities, you're going to need to shell out an exorbitant $200 per month.

The 01 model, originally codenamed Project Strawberry, was first released in September as a preview, alongside a lighter-weight o1-mini model, to ChatGPT-Plus subscribers. o1, as a reasoning model, differs from standard LLMs in that it is capable of fact-checking itself before returning its generated response to the user. This helps such models reduce their propensity to hallucinate answers but comes at the cost of a longer inference period and slower response.

Read more
Surface Pro alternative: This Asus Chromebook is another $70 off today
A man holding the Asus Chromebook CM3001 Laptop.

While fast and powerful CPUs and GPUs go a long way with a desktop or laptop, not every PC needs to be a workhorse. Some folks only need a computer for basic web browsing or watching the occasional HD movie or show. That’s why we’re always on the lookout for great Chromebook deals. These Chrome OS machines are just strong enough to deliver a notch above the basics, and today, we found an excellent discount on an Asus Chromebook. For a limited time, when you purchase the Asus Chromebook CM3001 Laptop at Best Buy, you’ll only pay $230. At full price, this model sells for $300.

Why you should buy the Asus CM3001 Laptop
From its convenient 2-in-1 design (check out our list of the best 2-in-1 deals) to its beautiful 10.5-inch 1920 x 1200 touchscreen (WUXGA), the CM30 is a laptop you’ll have zero issues taking just about anywhere. Its light form factor is a huge plus, and when closed, the CM30 is only 0.67 inches thick! And while we’re not dealing with Intel or AMD for internals, the onboard MediaTek Kompanio 520 CPU runs and smooth and efficient ship. It's also a great Surface Pro alternative, for those tiring of the Windows way.

Read more
Get Copilot+ features for less with this Asus laptop deal
An Asus ProArt P16 laptop on a white background.

One of the best laptop deals right now is perfect for anyone who is seeking a Copilot PC. If you’re looking to enjoy AI features, check out the Asus ProArt P16 laptop which is $200 off at Best Buy. The laptop normally costs $1,900 but right now, you can buy it for $1,700. A high-end productivity-focused laptop which also packs a punch for some gaming too, this is an ideal workhorse of a PC. Here’s all you need to know about it alongside some insight into the wonders of Copilot.

Why you should buy the Asus ProArt P16 laptop
Asus features in our look at the best laptop brands thanks to the company being great at developing all-rounder laptops. The Asus ProArt P16 laptop is one such highlight. It has an AMD Ryzen AI 9 HX 370 CPU, 32GB of memory, 1TB of SSD storage, and an Nvidia GeForce RTX 4060 GPU.

Read more