Anti-Ransomware Site Saves Victims Millions

Philip BaderCybersecurity

The online portal No More Ransom, a group dedicated to helping targets of ransomware attacks recover encrypted data without giving in to ransom demands, has helped save more than six million victims nearly €1 billion in its five years in operation. In a press release issued on July 26 to mark the fifth anniversary of the group, Europol praised the efforts of the No More Ransom group.

Millions of people have benefitted from free decryption tools made available by the No More Ransom group. “This prevented criminals from earning almost a billion euros through ransomware attacks,” the Europol press release stated. According to Europol data, the group’s tools protect against 151 families of ransomware.

Public-Private Effort to Stop Ransomware

No More Ransom began operations in 2016. It is the result of collaboration between the National High Tech Crime Unit within the Netherlands’ police, Europol’s European Cybercrime Centre, and the cybersecurity firms Kaspersky and McAfee. The group’s goal is twofold: to help victims of ransomware restore access to encrypted data without enriching criminal gangs, and to raise awareness about how ransomware works and how to prevent attacks.

The No More Ransom project is supported by 170 founding, associate, and supporting partners that include European law enforcement agencies, private businesses that assist with the development and application of decryption tools, and other groups that help publicize the work of No More Ransom globally.

How It Works

Victims of ransomware attacks can visit the site and use the Crypto Sheriff to determine if a free decryption tool exists in the site’s depository. They will also receive instructions about how to proceed if a tool exists. For example, users are advised to make sure all malware has been removed from their systems before any attempt to decrypt their affected data.

The site does not have support for every kind of ransomware. If the Crypto Sheriff can’t determine a match, users are instructed to back up their encrypted files in the event that a tool becomes available in the future. The No More Ransom site currently has user support in 37 languages.

SecureData offers a range of services regarding breaches, including hardware and software, and forensics analysis. The line of security products helps to protect computers and drives across the organization through single or combined solutions.

Digital Pandemic

Ransomware attacks have increased at an alarming rate in recent years, and no company or organization is immune. On July 2, the criminal gang known as REvil targeted the Florida-based Kaseya software firm, demanding $70 million in exchange for the decryption key. The attack affected information from between 800 and 1500 businesses who use Kaseya software products.

Earlier in the year, alleged Russian hackers using the name DarkSide successfully encrypted data in a ransomware attack on Colonial Pipeline that forced the company to halt all pipeline operations. The closure led to a spike in gas prices, panic buying, and fears of long-term fuel shortages. The successful attack on critical U.S. infrastructure further demonstrated the threat that ransomware continues to pose.

In line with the work of No More Ransom, the FBI advises against the payment of ransom in the wake of an attack. Payment is no guarantee that victims will get access to their encrypted files. Ransom payments also enrich criminals and help fund additional attacks. There is growing evidence to support the fear that ransom payments are no guarantee of restored access to locked files or a safeguard against a secondary data leak common in many ransomware attacks.

Be Prepared

The scourge of ransomware affects everyone, from small businesses to major corporations, from critical infrastructure to government agencies, as well as all the personal information on consumers and citizens that these organizations regularly handle and store. Groups such as No More Ransom are doing what they can to ease the burden and lessen the cost.

But the threat of cyberattacks of every sort continues to grow as the methods of attackers evolve in complexity. Some U.S. states have considered legislation to prohibit the payment of ransom in an effort to remove the financial incentive for attacks. Others have proposed outlawing cryptocurrency, the currency most often demanded in ransomware attacks.

The Department of Homeland Security’s Cybersecurity and Information Security Agency has made ransomware protection a major priority, even launching a new initiative this month called Stop Ransomware. It’s a one-stop site with detailed information on what to do in the event of an attack and steps that can be taken to mitigate the risk of an attack.

The Right Tools

SecureData understands how catastrophic a ransomware attack can be, and how essential it is to have a strategy to mitigate the risk and facilitate a speedy recovery when disaster strikes. Our data security experts have spent more than a decade creating comprehensive security solutions for every type of cyberthreat, including ransomware attacks.

In accordance with government recommendations, SecureData’s cybersecurity solutions begin with offline encrypted backup and portable storage devices to ensure that you have a clean copy of all your data that is unconnected to potentially infected networks. Additional security measures include remote drive management capabilities to control user access and aid in remote wipes in the case of loss or theft of storage drives. We also provide cutting-edge Data Loss Prevention technology with our SecureGuard USB port-blocking software.

SecureData has a range of data security tools to help businesses, government agencies, law enforcement, and others keep their data safe from ransomware attacks. Call us today at 1-800-520-1677. We can help you create a customized solution to keep your data safe and secure.