Even though ransomware attacks have cost businesses and individuals across the world billions in losses in the past few years, No More Ransom, a public-private initiative, has helped save as much as £488 million in ransom payments since 2016, thanks to a repository of decryption software and the implementation of cyber security best practices.
No More Ransom was launched in 2016 by Europol’s European Cybercrime Centre, the National High Tech Crime Unit of the Netherlands’ police, and security firms Kaspersky and McAfee as an ambitious public-private initiative to help businesses and individuals fight back against ransomware attacks and to recover access to their stolen data without having to pay large amounts of money in ransom.
No More Ransom now counts police forces and law enforcement agencies from all over the world, including Interpol, Eurojust, and the NCA, as its associate and supporting partners along with well-known cyber security research firms F-Secure, Check Point, Bitdefender, Emsisoft, Avast, and a number of private organisations.
Using a number of custom decryption tools to decrypt 140 different types of ransomware infections, the initiative has helped individuals and businesses save an estimated £488 million in ransom payments and to recover encrypted files. The No More Ransom website lets users upload encrypted files and share the details of ransom notes and get their files decrypted for free if a decryption tool is available.
Commenting on the need for organisations to contribute to projects such as “No More Ransom”, Raj Samani, Chief Scientist and Fellow at McAfee, told TEISS that at a time where ransomware code packages are being sold on the dark web, there is a need for organisations to do their due diligence and work together in the fight to stomp out ransomware.
"Companies should also be educating their user base in the best practice measures they can take in order to protect systems, make sure processes are in place to detect threats and correct these vulnerabilities accordingly.
"As many organisations and individuals embark on the journey to cloud transformation, it is particularly important to remain alert of these threats in order to avoid any unpleasant surprises planted by malicious agents which might exploit existing systems," he added.