15 May 2017 – Friday’s ransomware attack, which affected 200,000 computer systems in 150 countries and crippled hospitals across the United Kingdom, is a frightening reminder of how much damage can be done by this type of malicious cyberattack. A new global survey of Internet users in 23 countries and Hong Kong (China) reveals that most people are ill equipped to deal with ransomware.
“It is simply unacceptable that people do not get the care they need because of cybercriminals attacking hospitals. We have a shared responsibility to collaboratively get this under control,” says Kathy Brown, President and Chief Executive Officer of the Internet Society (ISOC) which helped to fund the survey. “Law enforcement, IT professionals, consumers, business, and the public sector all have responsibility to act to keep enabling the good that the Internet brings.”
According to the joint CIGI, ISOC and UNCTAD Global Survey on Internet Security and Trust, conducted by global research company Ipsos, before the latest attack, 6 per cent of Internet users globally had already been personally affected by ransomware, with Internet users in India, Indonesia, China and the United States the most likely to be affected. An additional 11 per cent knew someone who has been hit by these malicious programs.
“Cyber thieves now operate on a global scale, as the most recent attack illustrates, and just about anybody can launch a ransomware attack,” says Fen Osler Hampson, Distinguished Fellow and Director of Global Security at CIGI. “Ransomware attackers have discovered that they don’t have to steal or destroy your data to enrich themselves, they just have to hold it hostage. Our survey data shows that many people are willing to pay to get their data back, which makes such attacks highly profitable.”
People remain largely unprepared for this new form of cyberattack, which encrypts their data and renders it inaccessible until they pay a ransom. Twenty-four percent of people admit they would have no idea what to do if their computer were to be hit with ransomware.
Many would turn to the authorities: 22 per cent would contact law enforcement, 15 per cent would contact their Internet Service Provider and 9 per cent would contact a private firm to try to retrieve their data. Unfortunately, the authorities are often unable to help. Once the data is locked, it is extraordinarily difficult to retrieve without either paying the ransom or restoring the files from a backup.
Here again, Internet users are woefully unprepared. Only 16 per cent of people globally indicate that they would retrieve their data from a backup.
Among those who had been affected by ransomware, 41 per cent said they had paid to have their device unlocked. Among those affected who did not pay the ransom, 45 per cent refused to pay, claiming that it is not right to pay criminals.
In any event, there remains some honour among thieves, as 91 per cent of Internet users who paid the ransom indicated that their device had subsequently been unlocked. Internet users in North America (10%) and Europe (15%) were the least likely to have their devices unlocked after they paid the ransom.
“The evolution of cybercrime has a negative impact on the willingness among people and enterprises to use the Internet for e-commerce and other productive activities,” says Torbjörn Fredriksson, Chief of ICT Analysis Section at the UN Conference on Trade and Development (UNCTAD) which helped to fund the survey. “This underlines the importance of legal and regulatory responses that include criminalizing conduct, enhancing law enforcement powers and putting in place cybersecurity frameworks that include prevention and permit active defense.”