More than 2,500 victims were able to decrypt their data, with more than one million dollars already saved, thanks to the global initiative
Just three months after the successful launch of the No More Ransom project, law enforcement agencies from a further 13 countries have signed up to fight ransomware together with the private sector.
The new members are: the United Kingdom, Bosnia and Herzegovina, Bulgaria, Colombia, France, Hungary, Ireland, Italy, Latvia, Lithuania, Portugal, Spain and Switzerland. Further law enforcement agencies and private sector organisations are expected to join the programme in the coming months. Their collaboration will result in more free decryption tools becoming available, helping even more victims to decrypt their devices and unlock their information, and damaging the cybercriminals where it hurts the most: their wallets.
The project’s objectives are supported by Eurojust and the European Commission, demonstrating the EU’s concern about the growing threat of ransomware.
No More Ransom was launched on 25 July 2016, by the Dutch National Police, Europol, Intel Security and Kaspersky Lab, introducing a new level of cooperation between law enforcement and the private sector to fight ransomware together. The aim of the online portal is to provide a helpful resource for victims of ransomware. Users can find information on what ransomware is, how it works and, most importantly, how to protect themselves.
During the first two months, more than 2,500 people have successfully managed to decrypt their data without having to pay the criminals, using the main decryption tools on the platform (CoinVault, WildFire and Shade). This has deprived cybercriminals of an estimated $1+ million in ransoms.
The more law enforcement agencies and private sector partners work together, the more decryption tools can be created and made available. Currently, five decryption tools are listed on the website.
Since the launch of the portal in July, the WildfireDecryptor has been added and two decryption tools updated: RannohDecryptor (updated with a decryptor for the ransomware MarsJoke aka Polyglot) and RakhniDecryptor (updated with Chimera).
“Europol is fully committed to supporting the enlargement of the No More Ransom project within the EU and internationally to respond to ransomware in an effective and concerted manner,” says Steven Wilson, head of the European Cybercrime Centre. “Despite the increasing challenges, the initiative has demonstrated that a coordinated approach by EU law enforcement that includes all relevant partners can result in significant successes in fighting this type of crime, focusing on the important areas of prevention and awareness. I am confident that the online portal will continue to improve in the months to come. All police forces are warmly encouraged to join the fight.”
“The fight against ransomware succeeds best when law enforcement agencies and the private sector join forces. Researchers can offer broader malware analysis and services like internet scanning, helping to find connections between different items of data. This enables the police to locate and seize the servers used to manage the attack. In some cases, the researchers’ insight can also help to track down and arrest the criminals responsible. The seized servers can contain decryption keys, and, when shared with private sector companies this can be turned into decryption tools that help victims to unlock their data without paying the ransom. Basically, information-sharing is the key to effective collaboration between the police and security researchers. The easier and faster it happens – the more effective the partnership becomes. Getting more law enforcement agencies from different countries on board will therefore improve operational information-sharing, so that in the end ransomware will be fought more effectively,” says Jornt van der Wiel, Security Researcher at the Global Research and Analysis Team at Kaspersky Lab.
In order to broaden the audience and improve results even further, the portal is currently being adapted to support different language versions.
As a second step, the project will welcome new companies from the private sector, after a very high level of interest and countless requests received.
[su_box title=”About Kaspersky Lab” style=”noise” box_color=”#336588″][short_info id=’59584′ desc=”true” all=”false”][/su_box]Lauren.White@berkeley.global
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.