An initiative set up by Europol, Netherlands police and McAfee says it has helped more than 200,000 victims of ransomware recover their files for free, saving them a total of $108m in just three years.
The No More Ransom Project, which was set up in July 2016, provides advice to people and businesses who have had their files encrypted by malicious software that demands payment to unlock them.
Its free-to-use online portal has tools that can decrypt 109 different types of ransomware and infections. The No More Ransom Project has added 14 new tools in 2019 alone.
Ransomware is usually installed when a person unwittingly clicks on a malicious link. It is a low-risk, low-cost and often high reward form of crybercrime. This has seen it become the most popular form of malware among cybercriminals, who buy and trade in various strains of it on underground forums.
The 2017 WannaCry attack that crippled the NHS is perhaps the most well-known ransomware. More recently there has been a spate of ransomware attacks crippling infrastructure, with software called Ryuk attacking places such as LaPorte County and Lake City in the US.
In the UK ransomware attacks affected roughly one in three businesses in the last 12 months.
No More Ransom Project “delivers a clear message to criminals”
The No More Ransom Project says its tool successfully decrypted the files of 40,000 people that had their files locked by GandCrab, one of 2018’s most aggressive strains of ransomware. The public-private initiative says this prevented roughly $50m in ransom payments going to the pockets of criminals.
Steven Wilson, Head of Europol’s European Cybercrime Centre (EC3) said:
“When we take a close look at ransomware, we see how easy a device can be infected in a matter of seconds. A wrong click and databases, pictures and a life of memories can disappear forever. No More Ransom brings hope to the victims, a real window of opportunity, but also delivers a clear message to the criminals: the international community stands together with a common goal, operational successes are and will continue to bring the offenders to justice.”
Those affected by ransomware are advised to not give in to payment demands as there is no guarantee that files will be unlocked and those that pay are added to a ‘suckers list’. Criminals then circulate this list, making it more likely for that person or organisation to be targeted again.
The No More Ransom Project has received more than 3 million visitors to its portal in just three years and is now available in 35 languages including English, Korean, Dutch, Russian and Portuguese.
The project also aims to educate people and businesses on how to protect themselves from potential ransomware attacks. 42 law enforcement agencies, 5 EU agencies and 101 public and private entities have joined the initiative since 2016. The US is not a partner in the project.
While the $108m saved by the No More Ransom Project will have had a notable positive impact, it is still a fraction of the $2bn plus made globally by criminals from ransomware.