U.S. adults think retailers and credit payment companies should hold most of the responsibility for protecting their data used in online purchases but don’t expect companies to give-in to ransomware demands.

In a new survey, “Hacking America: Cybersecurity Perception,” Woburn, Mass.-based Kaspersky Lab and San Francisco-based HackerOne also revealed American businesses and consumers still need a more comprehensive understanding of cyberthreats and how to protect personal and sensitive business data online.

The study also looked at how ransomware attacks on businesses are on the rise, from an attack every two minutes in January 2016, to every 40 seconds by October 2016, according to a Kaspersky Lab report. However, almost two in five U.S. adults do not expect companies to pay a ransom if they were hacked. Nevertheless, when asked what types of data they expect businesses to pay a ransom retrieve information, 43% expect companies to pay for employee social security numbers, followed by customer banking details (40%) and employee banking details (39%).

“This study helps to highlight the ongoing confusion among Americans, both at home and while at work, regarding cybersecurity,” Ryan Naraine, head of the U.S. Global Research and Analysis Team, Kaspersky Lab, said. “Cybersecurity is everyone’s responsibility, and it’s imperative that the security community, businesses and governments routinely work together to educate Americans on cyber threats. We need to ensure that consumers and organizations are not only educated on the risks, but also know the best solutions for safeguarding sensitive data from cybercriminals.”

The report, a result of a December 2016 survey of more than 5,000 U.S. adults, also revealed:

  • Twenty-two percent are more likely to make a purchase if they know a company hired hackers to help boost security.
  • Forty-four percent believe that North America is more vulnerable to cyberespionage or nation-sponsored cyberattacks with Donald Trump as President.


In addition, consumers now make purchasing decisions based on the cyber security practices. The survey found that the majority of Americans are looking to others to take responsibility for their security. However, the younger generations believe that they should take ownership for protecting their own data when making purchases online.

“Every business online today is vulnerable to new risks that are inevitably being passed down to their customers,” Alex Rice, CTO and founder of HackerOne said. “The data from this report highlights a growing trend that consumers cast votes of confidence in the businesses that proactively work with hackers to keep their data safe from breaches.”

A separate study, the San Jose, Calif. based digital identity firm ThreatMetrix’s Q4 Cybercrime Report, based on actual attacks from October – December 2016 disclosed 122 million attacks detected and  stopped in real time; more than a 35% increase over the previous year. In addition, the growth in attacks outpaced overall transactions growth and the total rejected transaction rate grew 15%, demonstrating the heightened risk levels.

According to ThreatMetrix last-quarter cybercrime report, digital authentication continued as one of the biggest use cases globally; however new account originations are growing fast across industries. New account originations continue to be the riskiest transactions with nearly one in 10 rejected.

Other key findings:

  • Forty-five percent of transactions now come from mobile devices, a 32% increase on the previous year.
  • Mobile-only users have increased across all industry groups.
  • Mobile banking remains one of the strongest use cases for returning customers, with high recognition rates.
  • High transaction volumes from global customer base showed that cross-border transactions are growing and riskier.
  • Increasing complex bot attacks targeting financial institutions, particularly fintechs