‘No More Ransom’ Helped over 1.5 Million Ransomware Victims to Decrypt their Devices
Ransomware encrypts valuable information stored on victims’ computers by infecting them using insecure and fraudulent websites, software downloads, malicious attachments, and through RDP (remote desk protocol) attacks and exploiting vulnerable internet-facing servers.
No More Ransom, the initiative launched to help victims of ransomware decrypt their files, celebrates its six-year anniversary today. Since the launch, it has grown from four partners to 188 and has contributed 136 decryption tools covering 165 ransomware families. In doing so, it has helped more than 1.5 million people decrypt their devices all over the world – with the project available in 37 languages.
Ransomware encrypts valuable information stored on victims’ computers by infecting them using insecure and fraudulent websites, software downloads, malicious attachments, and through RDP (remote desk protocol) attacks and exploiting vulnerable internet-facing servers. Criminals then seek ransom from the victim, promising to retrieve their encrypted data in return. This type of malware has been a cybersecurity concern for many years, with attackers targeting all types of stakeholders – from customers to enterprises – and evolving from separate gangs to full-fledged businesses with their own ecosystems.
To help people and organizations retrieve access to valuable information, the National High Tech Crime Unit of the Dutch National Police, Europol’s European Cybercrime Centre, Kaspersky and other partners jointly created the No More Ransom initiative in 2016. On the official website, participants can publish decryption tools, guidelines, and instructions on how to report a cybercrime regardless of where it happened. These tools and materials have helped victims of 165 ransomware families get their data back without any payments. In addition to the decryption tools, the project also aims to spread information on how ransomware works and what measures can be taken to prevent infection.
Kaspersky is one of the founding partners who contributed to the 9 decryption tools, which helped to retrieve the data encrypted by 38 ransomware families. Since 2018, these tools have been downloaded more than 304 274 times
“Ransomware is an effective way to get money from victims and remains one of the biggest cybersecurity concerns. In just the first three months of 2022, more than 74,000 unique users were found to have been exposed to this type of threat – and all these attacks were successfully detected. This has led to an increase in the tendency of helping these initiatives, and I’m extremely happy that we are able to assist people and companies in “restoring” their digital assets, without paying the attackers. This way we hit the criminals where it hurts – their business model – as users are no longer forced to pay to decrypt their data. We will keep on fighting ransomware with our existing and future partners,” said Jornt van der Weil, security researcher at Kaspersky Global Research and Analysis Team
Mr. Dipesh Kaura, General Manager, Kaspersky (South Asia) explains “Kaspersky is exceptionally proud to be one of four founding members of the No More Ransom initiative. The triumph of the No More Ransom initiative was through the active support of law enforcement and private industry. If you become a victim, it is crucial not to pay the ransom and report your infection to the police. Online users must avoid becoming victims as many suitable prevention recommendations are available on the No More Ransom website. Ultimately, we will need to continue working together to keep pace with attackers when fighting ransomware. Kaspersky would continue to share threat intelligence and train businesses against ransomware.”
To find further information on helping in the fight against ransomware, or to learn more about the No More Ransom initiative, please visit the initiative’s website at nomoreransom.org.