Tales from the Certified Hacker: Attacked by ransomware? There's help out there!

16 Sep 2016

The No More Ransom project

In order to combat ransomware which cryptographically locks a victim’s files and then demands payment to unlock those files, the No More Ransom project offers relief.

Hospitals, universities, businesses of all sizes and home personal computer systems have all been targeted, many successfully.  According to some sources, 65% of UK companies paid up, with 45% who paid getting their data decrypted and able to be used once more.  It also appears that only 3% of US companies pay the ransom.

The “No-More-Ransom” website is an initiative by the National High Tech Crime Unit of the Netherlands’ police, Europol’s European Cybercrime Centre and two cyber security companies – Kaspersky Lab and Intel Security.  The goal of the project is to help victims of ransomware retrieve their encrypted data without having to pay the criminals.

Users can upload encrypted files to see what kind of malware they're infected with, and then check to see if it can be removed with the 160,000 decryption keys at the organisation's disposal.

Since it is much easier to avoid the threat than to fight against it, once the system is affected the project also aims to educate users about how ransomware works and what countermeasures can be taken to effectively prevent infection. The more parties supporting this project the better the results can be. This initiative is open to other public and private parties.

Prevention is far better than the cure; user education and offline backups are by far the two best methods of preventing malware infection in the first place; and if infection does occur, restoration of data from offline backups will perhaps save the business and IT staff’s sanity.  The No More Ransom project offers a third option, the possibility of decrypting hostage files.

References and further reading:

 Are you protected by a Certified Ethical Hacker?

Terry Griffin

Want to learn more about how to protect your IT information and privacy?  Attend the EC-Council Certified Ethical Hacker course at DDLS