In the wake of the WannaCry cyberattack that plagued U.K. hospitals a few weeks back, Waltham, Mass.-based security company Carbon Black surveyed 5,000 U.S. consumers to gauge the public’s perception on ransomware, its threshold for paying a ransom, and the expectations consumers have on businesses to keep their data safe.
The survey revealed that: 57 percent of consumers said WannaCry was their first exposure to how ransomware works; about 70 percent of consumers said they trust their financial institutions and healthcare providers to keep data safe but only half (52 percent) said they trust retailers; and 68 percent said they would would consider leaving their healthcare provider if it were hit by a ransomware attack.
The WannaCry crisis was one of the most intensive and extensive ransomware-based attacks to date, affecting organizational operations of all kinds in approximately 150 countries. The attack involved a cyber weapon developed by the N.S.A. that was used by cybercriminals against computer users around the globe.
Consumers were also asked in this survey what they consider their most important information to be. Financial information led the list (but only barely over family photos), while medical records only made a blip on the radar, with 5 percent of consumers saying it was their most valuable information. In fact, medical records tied with phone data (messages, contacts, applications, etc.).
When put in the driver’s seat and asked if they would personally be willing to pay ransom money if their personal computer and files were encrypted by ransomware, it was about even, with 52 percent of respondents saying they would pay and 48 percent saying they would not.
And, when asked who should be help most accountable for keeping their information safe and out of the hands of cyber attackers, individual businesses came in first, with cybersecurity companies and vendors coming in second, software providers ranking third, and government organizations coming in fourth place.
As the surveyors concluded, “While ransomware is certainly nothing new, consumers are now increasingly turning to businesses with questions about how they are protecting sensitive data. Businesses, in turn, will look inward in an effort to improve security hygiene and implement modern processes and technologies to keep data safe. Above all, the increased awareness creates the additional need for transparency between businesses and consumers. Consumers want to know: ‘What are you doing to keep my data safe?’ Following the WannaCry ransomware attacks, these businesses should be prepared with an answer.”
