How Many Ransomware Victims Actually Pay Up?

How Many Ransomware Victims Actually Pay Up?
To sign up for our daily newsletter covering the latest news, hacks and reviews, head HERE. For a running feed of all our stories, follow us on Twitter HERE. Or you can bookmark the Lifehacker Australia homepage to visit whenever you need a fix.

We’ve heard a lot about ransomware, a type of malware that holds a victim’s computer and all its files to ransom, but how many people and businesses actually pay up? Security company Bitdefender has conducted research on this topic.

Sleep picture from Shutterstock

While this research is focused on US and Europe, ransomware is a growing threat across the world. According to security vendor Norton, cybercrime has cost Australians over $1.2 billion and Australia came in at eighth place for countries that are most affected by ransomware. It is worth keeping track of attitudes of individuals and organisations around the world and learn how they are dealing with increasing cybersecurity threats.

The study was conducted on 3009 internet users and organisations from the US, France, Germany, Denmark, the UK and Romania and canvases their experiences with data loss and ransomware.
Here are some key stats from the BitDefender report:

  • Fifty per cent of users can’t accurately identify ransomware as a type of threat that prevents or limits access to computer data
  • Half of victims are willing to pay up to $500 to recover encrypted data
  • Personal documents rank first among user priorities
  • Thirty-five per cent of users unaffected by ransomware think it is improbable that they will get infected

Many security experts agree that you shouldn’t pay extortionists to reclaim control of an infected computer because there’s no guarantee that the attackers will honour their word. But when important files and precious photos are at stake, it’s difficult to not cough up the money.

You can find advice on how to protect yourself against ransomware here.

Would you pay the ransom to recover your files if you fall victim to ransomware? Let us know in the comments.


  • I probably wouldn’t pay the ransomware as I’d (hopefully) find away to get rid of it without doing so, but what I find to be the question I’d like to know the answer to, is “does paying the ransom actually release the ransomware hold on your computer, or do they just hunt for more?”

    • I’ve spoken to many security experts about this and they’ve all recommended against paying because, as mentioned in the article, there is no guarantee that the attackers will relinquish control of the affected computer.

      Having said that, I have spoken to at least one victim who has said the attackers did unlock her files.

      • Paying also encourages this behaviour.

        Backup is king. If you’re technically-minded, there’s no excuse not to maintain an offline copy of your most valuable files.

        If you’re not sure how to, search online for tips or ask someone for help.

        When compromised, give the crims the bird, nuke and restore.

  • Doesn’t anyone backup their data anymore? I mean physical backup as well.

    format C: fixes everything 🙂

    • sadly no longer the case. there is now malware that targets the UEFI bios on modern pcs
      Isn’t it fun to think that one bad advert popup could lead to having to return your motherboard to get the bios fixed

    • Interesting comment Thomas, the one time I did get hit by ransomware it turned out to have come home from work on a USB key one of the IT staff was trying to up his income it seems. Physical backup (Including USB HDD) for the win!

Show more comments

Comments are closed.

Log in to comment on this story!