Ransomware is a type of malicious software that has been designed to block access to a computer system until a sum of money (ransom) is paid for one to regain access or recover files. This can be really intimidating especially when you are a corporate, government institution or offering other crucial services to the public.
Research done by Kaspersky Lab show that the victims of crypto-ransomware have been growing at a very high rate with the number of users affected hitting 718,000 in the year 2015/2016 compared to 131,000 in the year 2014/2015. Which translates to a rise of 550%.
The initiative is aimed at educating the public on the dangers of ransomware and assisting those affected to recover their data without the need of paying the ransom to the attackers or cybercriminals.
“The biggest problem with crypto-ransomware today is that when users have precious data locked down, they readily pay criminals to get it back. That boosts the underground economy, and we are facing an increase in the number of new players and the number of attacks as a result. We can only change the situation if we coordinate our efforts to fight against ransomware. The appearance of decryption tools is just the first step on this road. We expect this project to be extended, and soon there will be many more companies and law enforcement agencies from other countries and regions fighting ransomware together”, says Jornt van der Wiel, Security Researcher at Global Research and Analysis Team, Kaspersky Lab.
Objectives of NoMoreRansom.org
- To provide vital information for ransomware victims; on how it works and how to protect themselves.
- Given the fact that the current malware does not have a decryption tool, NoMoreRansom provides awareness on the same.
- Provide tools to users that will assist them in recovering their data in case it is blocked
“This initiative shows the value of public-private cooperation in taking serious action in the fight against cybercrime,” says Raj Samani, EMEA CTO for Intel Security. “This collaboration goes beyond intelligence sharing, consumer education, and takedowns to actually help repair the damage inflicted upon victims. By restoring access to their systems, we empower users by showing them they can take action and avoid rewarding criminals with a ransom payment.”
Since 2014, Kaspersky Lab and Intel Security prevented more than 27 000 attempts to attack users with Shade Trojan. Most of the infections occurred in Russia, Ukraine, Germany, Austria and Kazakhstan. Shade activity (A ransomware-type of Trojan) was also registered in France, Czech Republic, Italy, and the US.
Through collaboration and data sharing, The Shade command and control server used by criminals to store keys for decryption was seized hence it has assisted in coming up with the special tools for decryption.
Wilbert Paulissen, Director of the National Criminal Investigation Division of National Police of the Netherlands: “We, the Dutch police, cannot fight against cybercrime and ransomware in particular, alone. This is a joint responsibility of the police, the justice department, Europol, and ICT companies, and requires a joint effort. This is why I am very happy about the police’s collaboration with Intel Security and Kaspersky Lab. Together we will do everything in our power to disturb criminals’ money making schemes and return files to their rightful owners without the latter having to pay loads of money.”
Reporting ransomware to law enforcement is very important to help authorities get an overall clearer picture and thereby a greater capacity to mitigate the threat. The No More Ransom website offers to the victims the possibility to report a crime, directly connecting with Europol’s overview of national reporting mechanisms (http://APO.af/57Z0FA).
If you have somehow become a victim of ransomware, we advise you not to pay the ransom. By making the payment you will be supporting the cybercriminals’ business. Plus, there is no guarantee that paying the fine will give you back the access to the encrypted data.