Following today’s news that ransomware group, Ziggy, has shut down its criminal activities and released victims decryption keys, cybersecurity experts discuss the continued need for law enforcement agencies to continue to work with cybersecurity vendors to combat threats.
<p>At the end of January, another well-known ransomware group decided to put an end to its activities: Fonix. The Fonix ransomware had been active since at least June 2020; their malware would encrypt practically all files on the targeted computer and also altered the operating system to make it harder to remove the malware. Upon disbanding, Fonix released a decryption key, and we released a decryptor tool to automate the process for companies and individuals. The situation with Fonix, and, now, with Ziggy, emphasizes that you should never pay a ransom. The landscape changes constantly; new groups form and old groups disband. That means there is always a chance you can get your data back. That said, there are still several ransomware families that remain highly active in 2021, so it will be important for law enforcement agencies and infosec vendors to continue to work together to combat the threat.</p>