Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

12/14/2016
12:15 PM
Dark Reading Staff
Dark Reading Staff
Products and Releases
50%
50%

Consumers More Worried About Cybercrime Than Physical World Crime: Sophos

A Sophos survey discovered consumers are more concerned about cybercrime than physical world crime, yet awareness of phishing scams and ransomware remains low.

OXFORD, UNITED KINGDOM--(Marketwired - Dec 14, 2016) - Sophos (LSE: SOPH), a global leader in network and endpoint security, today announced the findings of a recent survey that asked consumers about their awareness of phishingransomware, malware, spyware, hack attacks and other prevalent cyber threats. Significantly, the survey reveals that consumers are more worried about cybercrime than physical world crime.

Of those surveyed, 63 percent worry about financial loss due to a computer breach, 61 percent are worried about hackers taking over their computer to send spam and malware campaigns to their contacts and other innocent people, and 58 percent are worried about hackers rendering their computer useless. By contrast, 46 percent worry about their car being stolen or broken into or about physical assault, 52 percent worry about their home being robbed, and 56 percent of those surveyed worry about terrorism. The survey polled 1,250 consumers in the US, UK, Germany, Austria and Switzerland.

"People understand how to protect their home or car -- they feel they've got the physical world covered. Whereas cybercriminals are invisible and the virtual crime world is unpredictable and complicated, especially when it comes to cyber threats like phishing and ransomware," said John Shaw, vice president, Enduser Security Group, Sophos. "Attacks today usually start from legitimate websites that have been hacked -- unbeknownst to the people visiting them -- or from phishing -- sending fake emails designed to look real -- to lure consumers into opening dodgy documents or clicking malicious URLs. Once unwitting users have clicked, ransomware executes in the background and then locks and holds hostage your personal files, photos and other valuable data until you pay the criminals money."

Despite concern for cybercrime in general among those consumers surveyed, awareness of phishing and ransomware remains relatively low. Forty-seven percent, nearly half, are not familiar with phishing or perceive it as a low threat, which is a concern considering phishing is the number one attack method used to gain access to personal information. More than 30 percent of those surveyed rated themselves as being extremely unprotected, unsure of being protected or completely unaware of phishing attacks. Thirty-one percent of those surveyed said they are not familiar with ransomware or perceive it as a low threat.

"Those within cyber security circles know ransomware has become a lucrative billion dollar business for an army of cybercriminals who use toolkits developed by 'super hackers.' These toolkits put advanced exploit techniques at the fingertips of any criminally-minded person who is even vaguely computer literate to easily carry out cyberattacks," said Shaw. "It's time consumers learn about the tricks and trade of cybercriminals and how their threats are constantly evolving."

Not surprisingly, traditional malware and spyware -- cyber threats that have been with us for a long time -- are perceived as the largest threats. Fifty-nine percent of all surveyed perceive malware as an extremely large threat and 54 percent perceive spyware as an extremely large threat.

"Consumers are the most vulnerable to ransomware, malware and spyware, because unlike at work, they don't have an IT department looking over their shoulder and handling cyber security as part of a full time job," said Shaw. "In many households, one person provides 'defacto IT support' in the home, as well as for family and friends outside of the home, but that person doesn't always feel confident that they know what they should be doing or have the time to do it."

Lack of awareness puts others at risk, too

Fifty-five percent of all surveyed by Sophos said they advise someone else (spouse, kids, friend, parents, extended family, grandchildren and other) on keeping their computer protected from malware and hackers. Of these, 14 percent are not confident that they've properly backed up and could recover data after a security breach from a computer they look after for someone else. Eighteen percent sat on the fence, neither unsure nor confident, leaving 32 percent of those who rely on someone else to handle their cyber security potentially vulnerable to a data breach.

"Backing up computers and installing advanced protection for home PCs and Macs are things we should all be doing, like adding a house or car alarm to the locks on your doors. We should also be much less trusting online. Be vigilant about emails -- if you are not absolutely sure who sent it and why, check with them first, and if you're skeptical, just hit delete," said Shaw. "These are some top tips consumers and designated home IT providers should use as best practices to stay safe online."

Additionally, 11 percent are not confident that the computer they monitor for someone else is protected from hackers and viruses, and 14 percent were neither unsure nor confident. This means 25 percent of home computers that are managed by someone else, as surveyed, are vulnerable to cybercrime, including phishing and ransomware.

"At home, anyone who is vaguely technically literate is often expected to protect multiple PCs and Macs for their extended family and friends," said Shaw. "The Sophos survey data shows a need for remote, cloud-based cyber security, like Sophos Home, which lets people easily manage protection for multiple computers and multiple people from one single dashboard."

Sophos Home is a free commercial-grade product that combines antivirus and URL blocking to protect home PCs and Macs from malware, viruses, ransomware and inappropriate websites. Users can manage security for up to 10 computers from any browser, including PCs and Macs in remote locations. 

Sophos surveyed 1,250 consumers 18 years or older in the US (500), UK (500), Germany, Switzerland and Austria (250) during September 2016. ReRez Research, Dallas, Texas, an independent market research firm, conducted the study.

Survey information is available on the Sophos blog. Survey infographics, plus ransomware and phishing screen shots from SophosLabs, are available upon request.  

Read the latest security news and views on our award-winning Naked Security News and read more about us at Sophos News

Protect every Mac and PC in your home with the next generation of centrally managed free internet security software, Sophos Home.

About Sophos 
More than 100 million users in 150 countries rely on Sophos' complete security solutions as the best protection against complex threats and data loss. Simple to deploy, manage, and use, Sophos' award-winning encryption, endpoint security, web, email, mobile and network security solutions are backed by SophosLabs - a global network of threat intelligence centers. Sophos is headquartered in Oxford, U.K., and is publicly traded on the London Stock Exchange under the symbol "SOPH." More information is available at www.sophos.com.

 

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
Commentary
Ransomware Is Not the Problem
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  6/9/2021
Edge-DRsplash-11-edge-ask-the-experts
How Can I Test the Security of My Home-Office Employees' Routers?
John Bock, Senior Research Scientist,  6/7/2021
News
New Ransomware Group Claiming Connection to REvil Gang Surfaces
Jai Vijayan, Contributing Writer,  6/10/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Google's new See No Evil policy......
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-24368
PUBLISHED: 2021-06-20
The Quiz And Survey Master – Best Quiz, Exam and Survey Plugin WordPress plugin before 7.1.18 did not sanitise or escape its result_id parameter when displaying an existing quiz result page, leading to a reflected Cross-Site Scripting issue. This c...
CVE-2021-31664
PUBLISHED: 2021-06-18
RIOT-OS 2021.01 before commit 44741ff99f7a71df45420635b238b9c22093647a contains a buffer overflow which could allow attackers to obtain sensitive information.
CVE-2021-33185
PUBLISHED: 2021-06-18
SerenityOS contains a buffer overflow in the set_range test in TestBitmap which could allow attackers to obtain sensitive information.
CVE-2021-33186
PUBLISHED: 2021-06-18
SerenityOS in test-crypto.cpp contains a stack buffer overflow which could allow attackers to obtain sensitive information.
CVE-2021-31272
PUBLISHED: 2021-06-18
SerenityOS before commit 3844e8569689dd476064a0759d704bc64fb3ca2c contains a directory traversal vulnerability in tar/unzip that may lead to command execution or privilege escalation.