Attacks/Breaches
12/14/2016
12:15 PM
Dark Reading Staff
Dark Reading Staff
Products and Releases
50%
50%

Consumers More Worried About Cybercrime Than Physical World Crime: Sophos

A Sophos survey discovered consumers are more concerned about cybercrime than physical world crime, yet awareness of phishing scams and ransomware remains low.

OXFORD, UNITED KINGDOM--(Marketwired - Dec 14, 2016) - Sophos (LSE: SOPH), a global leader in network and endpoint security, today announced the findings of a recent survey that asked consumers about their awareness of phishingransomware, malware, spyware, hack attacks and other prevalent cyber threats. Significantly, the survey reveals that consumers are more worried about cybercrime than physical world crime.

Of those surveyed, 63 percent worry about financial loss due to a computer breach, 61 percent are worried about hackers taking over their computer to send spam and malware campaigns to their contacts and other innocent people, and 58 percent are worried about hackers rendering their computer useless. By contrast, 46 percent worry about their car being stolen or broken into or about physical assault, 52 percent worry about their home being robbed, and 56 percent of those surveyed worry about terrorism. The survey polled 1,250 consumers in the US, UK, Germany, Austria and Switzerland.

"People understand how to protect their home or car -- they feel they've got the physical world covered. Whereas cybercriminals are invisible and the virtual crime world is unpredictable and complicated, especially when it comes to cyber threats like phishing and ransomware," said John Shaw, vice president, Enduser Security Group, Sophos. "Attacks today usually start from legitimate websites that have been hacked -- unbeknownst to the people visiting them -- or from phishing -- sending fake emails designed to look real -- to lure consumers into opening dodgy documents or clicking malicious URLs. Once unwitting users have clicked, ransomware executes in the background and then locks and holds hostage your personal files, photos and other valuable data until you pay the criminals money."

Despite concern for cybercrime in general among those consumers surveyed, awareness of phishing and ransomware remains relatively low. Forty-seven percent, nearly half, are not familiar with phishing or perceive it as a low threat, which is a concern considering phishing is the number one attack method used to gain access to personal information. More than 30 percent of those surveyed rated themselves as being extremely unprotected, unsure of being protected or completely unaware of phishing attacks. Thirty-one percent of those surveyed said they are not familiar with ransomware or perceive it as a low threat.

"Those within cyber security circles know ransomware has become a lucrative billion dollar business for an army of cybercriminals who use toolkits developed by 'super hackers.' These toolkits put advanced exploit techniques at the fingertips of any criminally-minded person who is even vaguely computer literate to easily carry out cyberattacks," said Shaw. "It's time consumers learn about the tricks and trade of cybercriminals and how their threats are constantly evolving."

Not surprisingly, traditional malware and spyware -- cyber threats that have been with us for a long time -- are perceived as the largest threats. Fifty-nine percent of all surveyed perceive malware as an extremely large threat and 54 percent perceive spyware as an extremely large threat.

"Consumers are the most vulnerable to ransomware, malware and spyware, because unlike at work, they don't have an IT department looking over their shoulder and handling cyber security as part of a full time job," said Shaw. "In many households, one person provides 'defacto IT support' in the home, as well as for family and friends outside of the home, but that person doesn't always feel confident that they know what they should be doing or have the time to do it."

Lack of awareness puts others at risk, too

Fifty-five percent of all surveyed by Sophos said they advise someone else (spouse, kids, friend, parents, extended family, grandchildren and other) on keeping their computer protected from malware and hackers. Of these, 14 percent are not confident that they've properly backed up and could recover data after a security breach from a computer they look after for someone else. Eighteen percent sat on the fence, neither unsure nor confident, leaving 32 percent of those who rely on someone else to handle their cyber security potentially vulnerable to a data breach.

"Backing up computers and installing advanced protection for home PCs and Macs are things we should all be doing, like adding a house or car alarm to the locks on your doors. We should also be much less trusting online. Be vigilant about emails -- if you are not absolutely sure who sent it and why, check with them first, and if you're skeptical, just hit delete," said Shaw. "These are some top tips consumers and designated home IT providers should use as best practices to stay safe online."

Additionally, 11 percent are not confident that the computer they monitor for someone else is protected from hackers and viruses, and 14 percent were neither unsure nor confident. This means 25 percent of home computers that are managed by someone else, as surveyed, are vulnerable to cybercrime, including phishing and ransomware.

"At home, anyone who is vaguely technically literate is often expected to protect multiple PCs and Macs for their extended family and friends," said Shaw. "The Sophos survey data shows a need for remote, cloud-based cyber security, like Sophos Home, which lets people easily manage protection for multiple computers and multiple people from one single dashboard."

Sophos Home is a free commercial-grade product that combines antivirus and URL blocking to protect home PCs and Macs from malware, viruses, ransomware and inappropriate websites. Users can manage security for up to 10 computers from any browser, including PCs and Macs in remote locations. 

Sophos surveyed 1,250 consumers 18 years or older in the US (500), UK (500), Germany, Switzerland and Austria (250) during September 2016. ReRez Research, Dallas, Texas, an independent market research firm, conducted the study.

Survey information is available on the Sophos blog. Survey infographics, plus ransomware and phishing screen shots from SophosLabs, are available upon request.  

Read the latest security news and views on our award-winning Naked Security News and read more about us at Sophos News

Protect every Mac and PC in your home with the next generation of centrally managed free internet security software, Sophos Home.

About Sophos 
More than 100 million users in 150 countries rely on Sophos' complete security solutions as the best protection against complex threats and data loss. Simple to deploy, manage, and use, Sophos' award-winning encryption, endpoint security, web, email, mobile and network security solutions are backed by SophosLabs - a global network of threat intelligence centers. Sophos is headquartered in Oxford, U.K., and is publicly traded on the London Stock Exchange under the symbol "SOPH." More information is available at www.sophos.com.

 

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This is a secure windows pc.
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.