US victims twice as likely to pay ransomware demands: report | TheHill
Victims in the United States are around twice as likely to pay ransomware demands, the security firm Symantec announced in a new report.
According to the same report, that comes as the average ransom more than tripled over the past year.
Symantec released its “Internet Security Threat Report” Wednesday morning, which covers trends in online attacks.
Ransomware is malware that prevents systems from functioning normally until a fee is paid, often by encrypting files and only providing a key after collecting a ransom. It is a successful business model only getting more successful — by Symantec’s statistics, the average ransom ballooned from $294 in 2015 to $1,077 in 2016.
“So many people pay the ransom, criminals haven’t figured out a level people will not pay,” Kevin Haley, director of Symantec Security Response, told The Hill.
The company tabulates that while 34 percent of victims worldwide pay the ransom, 64 percent of Americans do.
The report also covers new problems as more and more businesses begin to use cloud services rather than locally install software and hardware.
Most chief information officers only believe their networks use 30 to 40 cloud services. Symantec finds the average to be 928, a total 33 times greater. That can be dangerous, because it means that a substantial amount of responsibility for guarding documents, assuring file integrity and preventing malware falls on companies outside visibility of the people trying to protect it.
“Over the years, CIOs have gotten good control over the hardware and software connected inside their physical network environment. They have lost control of the outside environment,” said Haley.