July 18, 2016 |

New Ransomware Study Explores “Customer Journey” of Getting Your Files Back

In F-Secure's evaluation, three out of four ransomware criminal gangs were willing to negotiate the ransom fee.

Ransomware criminals actually care about your convenience. That’s according to a recent experiment detailed in a new F-Secure report, Evaluating the Customer Journey of Crypto-Ransomware and the Paradox Behind It. The experiment involved evaluating the “customer experience” of five current crypto-ransomware variants, beginning with the initial ransom screen all the way to interacting with the ransomware criminals behind each of those variants.

The report’s findings include:

  • Those families with the most professional user interfaces are not necessarily also those with the best customer service.
  • Crypto-ransomware gangs are usually willing to negotiate the price. Three out of four variants were willing to negotiate, averaging a 29% discount from the original ransom fee.
  • Ransomware deadlines are not necessarily “set in stone.” 100% of the groups contacted granted extensions on the deadlines.
  • One of the groups claimed to be hired by a corporation to hack another corporation – a kid playing a prank, or a sinister new threat actor?

The report highlights the paradox of crypto-ransomware: On one hand, perpetrators are “the nasty criminal, but on the other hand, they have to establish a degree of trust with the victim and be ready to offer a certain level of service in order to realize the payment in the end,” according to the report. As such, crypto-ransomware families often operate similar to legitimate businesses, with accessible web pages, helpful FAQs, “free trials” for file decryption, and even customer support channels with responsive agents on the other side.

“We read stories about ransomware every day, and lately the word ‘epidemic’ is being used to describe its proportions,” says Sean Sullivan, Security Advisor at F-Secure. “We wanted to offer a different look at this problem of mass crime, but ultimately to take the opportunity to remind people and businesses once again of what they can do to protect themselves from this threat. Software updates, good security software, caution with email, and most importantly, in case all else fails, back up your stuff regularly, before you ever become a victim.”

For full details and findings, download the report and view the infographic.

More information:

Blog: Why These Online Criminals Actually Care About Your Convenience
Report: Evaluating the Customer Journey of Crypto-Ransomware and the Paradox Behind It
Infographic: 5 Habits of a Successful Ransomware CyberCriminal

About F-Secure

F-Secure is a European cyber security company with decades of experience in defending enterprises and consumers against everything from opportunistic ransomware infections to advanced cyber attacks. Its comprehensive set of services and award-winning products use F-Secure’s patented security innovations and sophisticated threat intelligence to protect tens of thousands of companies and millions of people. F-Secure’s security experts have participated in more European cyber crime scene investigations than any other company in the market, and its products are sold all over the world by over 200 operators and thousands of resellers.

Founded in 1988, F-Secure is listed on the NASDAQ OMX Helsinki Ltd.

f-secure.com twitter.com/fsecure | facebook.com/f-secure

F-Secure media relations

Melissa Michael
+358 45 209 3595

Latest Press Releases

July 31, 2018

Spam Is Still the Choice of Online Criminals, 40 Years Later

Spam is the number one source of malware as criminals add a few new tricks to this classic method, new research from F-Secure and MWR InfoSecurity finds.

July 24, 2018

F-Secure Listed as a Vendor to Watch in Gartner Market Insight: Address 3 Critical Security Issues to Differentiate Yourself in the Connected Home Market

F-Secure believes its investment in artificial intelligence and relationships with 200 carrier partners worldwide are validated by its report listing.

June 26, 2018

F-Secure SENSE Wins ‘Hotly Contested’ IoT Award from Connected Britain

F-Secure pipped the competition to the post with its SENSE security solution.

June 18, 2018

F-Secure Takes A Big Step Towards Cyber Security Leadership By Acquiring MWR InfoSecurity

Acquisition adds industry leading threat hunting platform to F-Secure’s detection and response offering and expands cyber security services to the biggest markets globally

%d bloggers like this: