No More Ransom, the initiative launched to help victims of ransomware decrypt their files, has celebrated its six-year anniversary. Since the launch, it has grown from four partners to 188 and has contributed 136 decryption tools covering 165 ransomware families. In doing so, it has helped more than 1.5 million people decrypt their devices all over the world, with the project available in 37 languages.
Ransomware encrypts valuable information stored on victims’ computers by infecting them using insecure and fraudulent websites, software downloads, malicious attachments, and through RDP (remote desk protocol) attacks and exploiting vulnerable internet-facing servers. Criminals then seek ransom from the victim, promising to retrieve their encrypted data in return. This type of malware has been a cybersecurity concern for many years, with attackers targeting all types of stakeholders, including both customers and enterprises, and evolving from separate gangs to full-fledged businesses with their own ecosystems.
To help people and organizations retrieve access to valuable information, the National High Tech Crime Unit of the Dutch National Police, Europol’s European Cybercrime Centre, Kaspersky and other partners jointly created the No More Ransom initiative in 2016. On the official website, participants can publish decryption tools, guidelines, and instructions on how to report a cybercrime, regardless of where it happened. These tools and materials have helped victims of 165 ransomware families get their data back without any payments. In addition to the decryption tools, the project also aims to spread information on how ransomware works and what measures can be taken to prevent infection.
Kaspersky is one of the founding partners that contributed to 9 decryption tools that helped to retrieve the data encrypted by 38 ransomware families. Since 2016, these tools have been downloaded more than 185,000 times.
Jornt van der Weil, security researcher at Kaspersky Global Research and Analysis Team, said:
Ransomware is an effective way to get money from victims and remains one of the biggest cybersecurity concerns. In just the first three months of 2022, more than 74,000 unique users were found to have been exposed to this type of threat – and all these attacks were successfully detected. This has led to an increase in the tendency of helping these initiatives, and I’m extremely happy that we are able to assist people and companies in restoring their digital assets, without paying the attackers. This way we hit the criminals where it hurts - their business model - as users are no longer forced to pay to decrypt their data. We will keep on fighting ransomware with our existing and future partners.
To find further information on helping in the fight against ransomware, or to learn more about the No More Ransom initiative, please visit the initiative’s website at nomoreransom.org.