No More Ransom Saves Victims

Uploaded on 2021-08-03 in INTELLIGENCE--Europe, GOVERNMENT-Law Enforcement, FREE TO VIEW

According to a recent Europol statement, a service called No More Ransom has assisted in the recovery of valuable information stolen by hackersThis has helped more than 6 million victims and has saved approximately €1B from cyber criminal hands. No More Ransom is collecting decryptors so ransomware victims don’t have to pay to get their data back and attackers don’t get rich. 

Ransomware victims are encouraged to reject the demand for payment. Moreover, the project members explain that by paying ransom to cyber criminals, you are only confirming that the ransomware is working, and there is no guarantee that you will receive the required decryption key in return.

To date, the No More Ransom repository of ransomware decryptors has helped more than 6 million victims recover their files, keeping nearly a billion euros out of the hands of cyber criminals says Europol recently.

No More Ransom is maintained via cooperation between the European Cybercrime Centre and several cybersecurity and other types of companies, including Kaspersky, McAfee, Barracuda and AWS. Its purpose is to keep victims from handing over the cash that helps fuel more ransomware attacks, according to Europol.

“The general advice is not to pay the ransom,” No More Ransom advises. “By sending your money to cyber criminals you’ll only confirm that ransomware works, and there’s no guarantee you’ll get the decryption key you need in return.”

Instead, the group directs victims to their Crypto Sheriff tool. There, victims can enter either the URL, onion or Bitcoin address given by the attacker to pay the ransom.

The tool searches the No More Ransom database, where the offerings have grown from an initial four decryptors back in 2016 to the current roster of 121 tools to decrypt 152 ransomware families. It’s also free and available in 37 languages, according to the group. If no decryptor is available for a given ransomware infection, keep checking back: No More Ransom regularly adds new unlock tools.

Don’t Pay the Ransom

Victims who are quick to pay identify themselves as easy prey. Cybereason reported that 80 percent of organisations that paid a ransom were then hit by a follow-up attack.  Half of those were attacked a second time by the same group, but a full third attracted additional threat actors smelling an easy payday.

Regular backups remain the best way to protect data from a ransomware attack, the Europol said. They further recommend users be mindful of the links they click on and update their security software. But most importantly, the cyber crime cops appeal to organisations to avoid handing over their money.

“If you become a victim, do not pay!” the Eurpol said. “Report the crime and check No More Ransom for decryption tools.”

Europol say that frequent backups are still the most effective method of preventing a ransomware infection. The agency advised users to pay close attention to the links they click and to keep their software up to date on a regular basis. Europol also strongly advises ransomware victims not to pay the ransom. The first step to take in this situation is to report the crime and then search for decryption tools in the No More Ransom repository.

The decryptors available in the No More Ransom repository have helped more than six million people to recover their files for free. This prevented criminals from earning almost a billion euros through ransomware attacks. Currently offering 121 free tools able to decrypt 151 ransomware families, it unites 170 partners from the public and private sector. The portal is available in 37 languages.

Despite controversy over whether businesses and organisations who fall victim to ransomware should meet criminals’ demands, the US government is unlikely to make it illegal for victims of ransomware attacks to pay the ransom.

According to the US Department of Justice, banning this act will only wreak further havoc. Bryan Vorndran, assistant director of the FBI's cyber division, told lawmakers on the US Senate Committee on the Judiciary that the agency does not recommend companies pay ransoms because it doesn't guarantee the business will regain access to their data or prevent data from ultimately being leaked.

Europol:        Threatpost:      Softpedia:      Dark Reading:      Oodaloop:     UrgentComm:

You Might Also Read:

Negotiating Ransom: To Pay Or Not?:

 

« Cyber Attacks May Lead To A “shooting war”
Learn how to detect and respond to insider threats »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CloudPassage

CloudPassage

CloudPassage, a cloud security and compliance pioneer, safeguards cloud infrastructure for the world’s best-recognized brands.

ControlScan

ControlScan

ControlScan is a Managed Security Services Provider (MSSP) - our primary focus is protecting your business and securing your sensitive data.

Vitrociset

Vitrociset

Vitrociset design complex systems for defence, homeland security, space and transport. Activities include secure communications and cybersecurity.

ISGroup (Information Security Group)

ISGroup (Information Security Group)

ISGroup services include network penetration testing, Web application penetration testing, ethical hacking, vulnerability assessments, code review and associated training.

Tokio Marine HCC

Tokio Marine HCC

Tokio Marine HCC is a leading specialty insurance group with a Financial and Professional product line including Tech and Cyber.

TechForing Ltd.

TechForing Ltd.

TechForing Ltd. works for business organization's cyber security and cyber crime incident managements. We help business to secure their business online.

Nubeva Technologies

Nubeva Technologies

Nubeva provide a breakthrough TLS Decrypt solution with Symmetric Key Intercept to gain the visibility needed to monitor and secure network traffic.

EYE Security

EYE Security

EYE provides enterprise-grade cyber security services and cyber insurance to SMEs in Europe, Cyber Incident Response and strategic advice in board rooms.

Antares NetlogiX

Antares NetlogiX

Antares Netlogix are a leading Austrian service provider for IT security, critical infrastructures and managed security services.

DTS Systeme

DTS Systeme

DTS Systeme is an IT service provider with a focus on the core areas of datacenter, technologies and IT security.

Ascent Solutions

Ascent Solutions

Ascent is built to help firms evolve their cybersecurity posture, modernize their Microsoft solutions, and accelerate their journey to the cloud.

NetGain Technologies

NetGain Technologies

NetGain Technologies helps small to medium-sized businesses gain access to expert IT talent. We provide strategies that use technology as a driving force behind business growth.

Anametric

Anametric

Anametric is developing new technologies and devices for chip scale quantum photonics, with a focus on cybersecurity.

TAFEcyber

TAFEcyber

TAFEcyber is an Australian based consortium focusing on the skilling of the fast-growing cyber security workforce through education and training.

Oxylabs

Oxylabs

Oxylabs is the largest datacenter proxy pool in the market, with over 2 million proxies. Designed for high-traffic, fast web data gathering while ensuring superior performance.

ScamAdvisor

ScamAdvisor

ScamAdviser helps over 3 million consumers every month to discover if a website is legitimate or a possible scam.