The No More Ransom Project
The No More Ransom project is celebrating its fifth birthday this week. The initiative started out in 2016 with just a couple of founding partners: IT security companies, Kaspersky and McAfee, the National High Tech Crime Unit of the Dutch police, and Europol’s European Cybercrime Centre. Today, the project can count on approximately 170 partners from all over the world, mainly tech companies and law enforcement agencies. Several universities, telcos and financial services companies have also joined the initiative. The only oddity, perhaps, is the lack of representation from US based law enforcement agencies. The portal is available in an impressive number of languages, 37 to be precise. As a result, ransomware victims from all over the world use the website. The top five visitors include people from South Korea (10%), the US (8%), India (7%), China and Indonesia (both 6%). This shows that, although the project started in Europe, the initiative helps victims from all over the world.
Database with Hundreds of Decryptors
The goal of Nor More Ransom is to help victims of ransomware retrieve their encrypted data without having to pay the criminals through their cyber insurance or out of their own pocket. The project amassed 121 tools that can decrypt 151 ransomware types in total. Victims who have been held hostage by ransomware can use these tools for free. “Crypto Sheriff” is an online tool that helps define ransomware type involved. Victims simply have to upload an encrypted file and, if available, type in the onion or bitcoin address the cybercriminals gave them. In this way, No More Ransom can check if a solution is available. A good antivirus program can help victims remove the malware from their systems first. Otherwise, it will simply lock the system and/or encrypt files again and again. Unfortunately, not every ransomware type has a solution. In many cases, only a backup can help victim’s recover their files.
€1 Billion Saved
The idea, of course, is to stop supporting the cybercriminals’ business model. “The decryptors available in the No More Ransom repository have helped more than six million people to recover their files for free”, said Europol in a press release. According to Europol, this saved victims nearly €1 billion in the past five years. An enormous amount of money, that would otherwise have ended up in criminals’ pockets. Of course, prevention is still key. Everyone can significantly reduce the chances of getting hit with a ransomware attack. The mitigation steps are relatively simple:
Take regular file backups; Keep programs and systems up to date; Encrypt or password protect sensitive information; Enforce the principle of least privilege (only grant others access to files or the parts of a network they need); Protect your system with antivirus software and a firewall; Use a VPN for extra security and privacy; Be security-aware: don’t click on links in spam, use multi-factor authentication, avoid sharing personal data, etc.
