Half of Ransomware Victims Didn't Recover Their Data After Paying the Ransom

An anonymous reader shares a report: A massive survey of nearly 1,200 IT security practitioners and decision makers across 17 countries reveals that half the people who fell victim to ransomware infections last year were able to recover their files after paying the ransom demand. The survey, carried out by research and marketing firm CyberEdge Group, reveals that paying the ransom demand, even if for desperate reasons, does not guarantee that victims will regain access to their files. Timely backups are still the most efficient defense against possible ransomware infections, as it allows easy recovery. The survey reveals that 55% of all responders suffered a ransomware infection in 2017, compared to the previous year's study, when 61% experienced similar incidents. Of all the victims who suffered ransomware infections, CyberEdge discovered that 61.3% opted not to pay the ransom at all. Some lost files for good (8%), while the rest (53.3%) managed to recover files, either from backups or by using ransomware decrypter applications. Of the 38.7% who opted to pay the ransom, a little less than half (19.1%) recovered their files using the tools provided by the ransomware authors.

Re:obCasablanca

Ransomware criminals shouldn't shit where they drink. By failing to unlock the files, they decrease the chance future victims will be willing to pay. Unfortunately for the criminals there are any number of other criminals out there who don't follow this simple rule. They don't unlock because they don't care, they're only in it for the short term, or they failed to implement unique wallets per victim to verify who's paid them and who's only claiming to have done so.

None of this is terribly surprising; it's the nature of the beast. The numbers are at least interesting however.

The bottom line...

[jcr]

If you need to keep your data, 1) don't use any Microsoft products, and 2) keep backups.

-jcr