The study, highlighting the paradox of crypto-ransomware, involved evaluating the “customer experience” of five current crypto-ransomware variants, beginning with the initial ransom screen tointeracting with the ransomware criminals behind each of those variants.
On one hand, perpetrators are “the nasty criminal, but on the other hand, they have to establish a degree of trust with the victim and be ready to offer a certain level of service in order to realise the payment in the end”, F-Secure said in the report.
Ransomware criminals often seek to establish a degree of trust with the victim to show that they actually “care” about their convenience, Finland-based cyber-security provider F-Secure said in a report on Wednesday.
Researchers also pointed out that ransomware deadlines are not necessarily “set in stone” as all the groups involved in the study granted extensions on the deadlines.
“We wanted to offer a different look at this problem of mass crime, but ultimately to take the opportunity to remind people and businesses once again of what they can do to protect themselves from this threat,” said Sean Sullivan, Security Advisor at F-Secure.
As such, crypto-ransomware families often operate similar to legitimate businesses, with accessible web pages, helpful FAQs, “free trials” for file decryption and even customer support channels with responsive agents on the other side.
In the study, three out of four ransomware criminal gangs were even willing to negotiate the ransom fee, averaging a 29 per cent discount from the original ransom fee, the study found.
“Software updates, good security software, caution with email, and most importantly, in case all else fails, back up your stuff regularly, before you ever become a victim,” he added.