WannaCry attack was the first-time 57 percent of U.S. users ended up exposed to how ransomware works, a new survey found.
To prove that, flying in face of all advice given by security professionals, 52 percent of survey respondents said they would pay to a ransom for their data if their computers ended up infected with malware, according to the survey from Carbon Black.
WannaCry Vulnerability Checker Released
WannaCry Decryptor Tool Available
Updated WannaCry Indicators
Agencies Amassing Zero Days
WannaCry Variants Tougher to Kill
How to Protect Against ‘WannaCry’
Of these, 12 percent would pay a ransom of $500 or more, 29 percent said they would pay between $100 and $500, and 59 percent would pay less than $100 to get their data back.
In terms of the high number of first time users exposed to how ransomware works, researchers said it is unusual since ransomware has been around since 2005. However, it can also mean respondents have never suffered from a ransomware attack before.
The company also asked the 5,000 individuals that participated in the survey who is responsible for keeping their data safe.
The biggest responsibility for keeping their data safe is with the individual companies that house the data, most consumers said. Next came cybersecurity companies, then software providers. Government organizations are least responsible, in their eyes.
Would consumers consider leaving a business hit by ransomware? 72 percent said they would consider leaving their financial institution in such a case. That percentage is 68 percent and 70 percent for healthcare providers and retailers, respectively.
“Tying these numbers to what consumers consider their most valuable personal information is an interesting exercise,” the company said in a blog post.
“Financial information led the list (but only barely over family photos) while medical records only made a blip on the radar, with 5% of consumers saying it was their most valuable information. In fact, medical records tied with phone data (messages, contacts, applications, etc.).
“We also solicited write-ins for the ‘other’ category and received some of the following, among others: ‘my music,’ ‘game data,’ ‘social security number,’ and ‘personal writings.’ ”