Concerned about cybercrime? Chances are, you’re not doing much to protect yourself

tonsnoei / 123RF Stock Photo
Many people are sitting ducks for ransomware. Two security firms recently published the results of surveys that showed people may worry about cybercrime, but they don’t do much to for protection, leaving themselves vulnerable. A study by U.K.-based Sophos, and another survey by Radware asked different questions about cybercrime and ransomware, but in each case found that, unlike businesses, individuals are all over the place when it comes to actually preparing for and preventing cyberattacks.

This also applies to cases  in which data was held hostage by ransomware. An IBM Ransomware study of business and consumer knowledge focused on responses to ransomware threats. The study showed that in general, the average person has a lack of awareness of ransomware, little or no preparatory action, and unfounded confidence in their own knowledge of how to respond.

Cybercrime concern

In the Sophos survey, the company found people in the United States, United Kingdom, Germany, Austria, and Switzerland are more concerned about cybercrime than more personal physical attacks. Regarding computer security issues, 63 percent worried about losing money, 61 percent about having their computers hijacked, and 58 percent feared losing control of their computers. In contrast, 46 were concerned with physical assault or stolen cars, 52 percent about home robberies, and 56 percent about terrorism.

For all their concern, however, the people surveyed were largely unaware of the severity of cybercrime risks. About half weren’t aware of email phishing — a primary gateway cyberattack — or if they did know about it, they didn’t think it was much of a threat. More than 30 percent either considered ransomware a low threat or said it was one they knew nothing about, even though ransomware is the greatest current problem.

“People understand how to protect their home or car — they feel they’ve got the physical world covered. Whereas cybercriminals are invisible and the virtual crime world is unpredictable and complicated, especially when it comes to cyber threats like phishing and ransomware,” said John Shaw, Sophos vice president, Enduser Security Group.

Who’s responsible for home network protection?

Radware took a different approach and hired Harris Polls to ask people who they thought should be responsible for protecting against Internet of Things botnet attacks and what they’d do if their personal data was held hostage for payment by a ransomware attack.

When Radware asked about botnets, the people surveyed stated that hackers can hijack digital devices in respondents’ homes to launch attacks over the internet. Radware then asked who they thought should be held responsible to prevent such attacks from happening (it was OK to give multiple answers). Of those who responded to the question, 69 percent thought the device manufacturers are responsible, 55 percent put the onus on internet and cell phone service providers, and 43 percent thought individuals themselves are responsible for keeping home networks and devices secure.

Would you pay a ransom for your personal files?

An interesting split occurred when Radware asked how much, if anything, respondents would pay to unlock their personal files if their data was held hostage by ransomware. While two-thirds of respondents said they wouldn’t pay anything, the responses broke out clearly by age groups. Younger people were more willing to pay and would pay more than older people.

In the 18-34 age group 37 percent said they’d pay, 34 percent of the 35- to 44-year-olds, 15 percent of the 45- to 54-year-olds, 14 percent of the 55- to 64-year-olds, and only 9 percent of the 65 years or older respondents would pay anything. Of those who said they would pay a ransom, the same inverse correlation appeared. Of those who would pay $200 or more to regain their data, that willingness ranged from a high of 21 percent of the 18- to 34-year-olds to a low of 3 percent of the 65 and older group.

Unaware, unprepared, and overconfident

IBM’s consumer ransomware survey found that only 31 percent of respondents had even heard of ransomware, while 75 percent were confident they could protect their data on their own computers and 67 percent believed they could protect their mobile devices. Overall, 59 percent had taken no action in the previous three months to protect their systems, although among the group who had heard of ransomware, the same proportion (59 percent) had taken proactive protection steps.

Breaking down what people said they actually did for preventive action, 71 percent of the respondents said that action consisted of not opening suspicious attachment or links in emails and texts. Other protective steps included changing passwords (59 percent) and avoiding public Wi-Fi access points (48 percent).

IBM security reported it saw a lot of action in the period around Black Friday and Cyber Monday as cybercriminals loaded malicious emails masked as coming from Amazon with links for deals or for package shipment tracking. As soon as someone clicked one of those links, Locky Ransomware was downloaded and quickly encrypted all files. That would be a Black Friday, indeed.

As in the Radware survey, the IBM study found that most people wouldn’t pay to get their data back. Breaking it down, they were willing to let health records and family photos stay locked up but 54 percent said they’d pay to get their financial records back. Also, like the Radware findings, IBM found Millennials were more likely than other age groups to pay a ransom. The IBM study found a greater willingness among parents to pay to free up digital photos (55 percent) than non-parents (39 percent).

When it came to payment, an interesting dichotomy arose. Most who said they’d pay put a limit of $100 on their willingness. However, cybercriminals usually demand between $200 and $10,000. According to IBM, while people say they’ll only pay a fairly small amount, they likely end up paying more. Data gathered from cybercriminal sources indicates a high “success rate” with ransomware. CryptoLocker operators claimed 41 percent payment rates in a Time article cited by IBM.

Because of anonymity and difficulty tracing payments, most ransomware demands payment in Bitcoin. Most ransomware sets a time limit for payment, often with a big ticking countdown clock on the computer screen. One issue that arises is that people who don’t know about or how to pay in Bitcoin sometimes lose their data by not paying on time even when they want to pay. As a result, some of the ransomware networks provide helpful information and links or even have customer support lines to help victims make the payments.

What you can do

If you’re concerned about the growing threats of botnets, malware, and ransomware, and you’re willing to take steps to protect yourself, you don’t have to keep bitcoin on hand to pay ransom for your computer and get your information back.

First, be sure to back up your data, locally and in the cloud. Back it up often, like clockwork. Only you can decide how often is often enough to back up your data — weekly or monthly backups are probably sufficient for most people.

Second, be sure you have, use, and update strong computer antivirus and security programs and be sure to use them with all computers that access your home network. Speaking of home networks, especially if you have smart home components, take the steps to find out how to protect your home computer network and any smart home connected devices in your home. Many malware and botnet attacks in 2016 got in through vulnerable smart home devices.

The last step is to be diligent about not being snagged by phishing campaigns. Inform or train other people with computer access in your home not to automatically click on any unexpected video, image, music, or document files sent via email or on social media, even if you know the people who sent them. Social media identity theft is way up, often specifically for the purpose of baiting the friends of the people whose IDs were stolen with phishing campaigns.

Precaution may not be fun, but it works.

If you are a cybercrime victim

If you are victimized by ransomware or other cybercrime or suspect you are, IBM recommended that you report the crime to the FBI’s Internet Crime Complaint Center. Just like on TV crime shows with kidnapping plots, the FBI strongly discourages people from paying ransom to free up your data, because even if you pay, there’s no guarantee you’ll ever see your files again.

Computing

Get ready to say goodbye to some IFTTT support in Gmail by March 31

If This Then That, the popular automation service, will drop some of its support for Gmail by March 31. The decision comes as a response to security concerns and is aimed to protect user data.
Smart Home

The best smart locks to increase your home security in 2019

A good smart lock should offer a combination of security and convenience. Fortunately, these devices keep your home protected, your family safe, and your belongings secure from possible intruders.
Mobile

Safeguard your Sony Xperia 10 smartphone with one of these cases

If you're looking for some protection to keep your Sony smartphone safe, or you want a different style, we've got you covered here with a list of the best Sony Xperia 10 cases. There are clear cases, rugged cases, wallet cases, and more.
Mobile

Most Android antivirus apps fail to provide malware protection, study shows

A study by AV-Comparatives analyzed the effectiveness of Android antivirus apps in protecting against the 2,000 most common malware threats. Alarmingly, only 23 of the apps were able to detect 100 percent of the malware samples.
Computing

Go hands-free in Windows 10 with speech-to-text support

Looking for the dictation, speech-to-text, and voice control options in Windows 10? Here's how to set up Speech Recognition in Windows 10 and use it to go hands-free in a variety of different tasks and applications within Windows.
Computing

Get the most out of your high-resolution display by tweaking its DPI scaling

Windows 10 has gotten much better than earlier versions at supporting today's high-resolution displays. If you want to get the best out of your monitor, then check out our guide on how to adjust high-DPI scaling in Windows 10.
Deals

Looking for a Chromebook? The Google PixelBook just got a $200 price cut

Once relatively obscure, Chromebooks have come into their own in a big way in recent years. One of our favorites is the super-sleek Google Pixelbook, and it's on sale right now from Amazon for $200 off, letting you score this premium laptop…
Mobile

Got gadgets galore? Keep them charged up with the 10 best USB-C cables

We're glad to see that USB-C is quickly becoming the norm. That's why we've rounded up some of the better USB-C cables on the market, whether you're looking to charge or sync your smartphone. We've got USB-C to USB-C and USB-C to USB-A.
Computing

Nvidia’s GTX 1650 graphics card could be just a slight upgrade over the 1050 Ti

Rumors suggest Nvidia might soon launch the GTX 1650, and a leaked benchmark listing from Final Fantasy XV suggests that the new graphics card could be just a slight upgrade over last generation's GTX 1050 Ti. 
Computing

Get the new Dell XPS 13 for $750 with this limited-time deal

Dell is currently running a limited time deal lasting through Thursday, March 28, where you can bring home a version of this year's new XPS 13 for around $750 with the use of a special coupon code. 
Mobile

This is the easiest way to save your iPhone data to your computer

Living in fear of losing your contacts, photos, messages, and notes on your iPhone? Fear no more -- in this guide, we'll break down exactly how to back up your iPhone to your computer using Apple's iTunes or to the cloud with iCloud.
Mobile

Here are the best iPad Pro keyboard cases to pick up with your new tablet

The iPad Pro range can double as laptops, but they do need proper keyboards to fill in effectively. Thankfully, there are loads to choose from and we rounded up the best iPad Pro keyboard cases right here.
Computing

Microsoft’s Clippy came back from the dead, but didn’t last very long

Before Cortana, Alexa, and Siri even existed, Microsoft Clippy dominated the screens of computers in the 1990s to help assist Microsoft Office users when writing letters. He recently made a bit of a comeback only to die off again.
Computing

Nvidia faces attacks from AMD, Intel, and even Google. Should it be worried?

Nvidia announced an expanded array of RTX server solutions designed to leverage the power of ray-tracing at GTC 2019. The effort will help Nvidia take on Google's Stadia in game streaming with GeForce Now, and the company's investments in…