86 million reasons to support No More Ransom

The No More Ransom portal that aims to help victims of ransomware to recover their data without having to pay ransom to cyber criminals has saved ransomware victims £86.5m ($108m) in the past three years.

The portal, which informs the public about the dangers of ransomware as well as disrupting the business model behind it, was started as a joint initiative by the Dutch National Police, Europol and McAfee.

No More Ransom is the first public-private partnership of its kind offering ransomware victims an alternative solution to losing their precious files or having to pay the  money demanded by criminals.

Since 2016, the initiative has grown to include more than 150 partners worldwide working to enable the portal to decrypt 109 different types of ransomware infections, including 2018’s most aggressive ransomware attack, GandCrab, saving an estimated £40m ($50m) in ransom payments.

The partners include 42 law enforcement agencies, five EU agencies and 101 public and private entities.

The latest partners to join No More Ransom include F-Secure, Mastercard, Get Safe Online, the European Banking Federation, the Banking & Payments Federation Ireland, the Spanish Banking Association, Intesa Sanpaolo, FraudSmart and Euronext.

With visitors from 188 countries, the project has become a one-stop shop for the victims of ransomware, having registered more than three million individual visits already.

With 14 new tools added in 2019, the portal can now decrypt 109 different types of ransomware infections.

The efforts against GandCrab – considered to be one of last year’s most aggressive ransomware attacks – is ranked one of the initiative’s top successes. Since the release of the first GandCrab tool in February 2018, nearly 40,000 people have decrypted their files that were scrambled by several generations of the ransomware.

The portal, initially released in English, is now available in 35 other languages. English, Korean, Dutch, Russian and Portuguese are the top five languages, followed by French, Chinese, German, Spanish and Italian, which illustrates the global nature of the threat.

Steven Wilson, head of Europol’s European Cybercrime Centre (EC3), said: “When we take a close look at ransomware, we see how easily a device can be infected in a matter of seconds.

“A wrong click, and databases, pictures and a life of memories can disappear for ever. No More Ransom brings hope to the victims, but also delivers a clear message to the criminals that the international community stands together with a common goal. Operational successes will continue to bring the offenders to justice.”

When it comes to ransomware, cyber security industry advice is that prevention remains the most effective form of protection.

Consumers and businesses are advised to:

• Keep offline backups of all important data.
• Ensure all software is fully patched up to date.
• Use robust antivirus software.
• Apply caution when clicking on attachments.

The third anniversary of No More Ransom coincides with a resurgence of ransomware around the world. According to the latest threat report from security firm SonicWall, the uptick in ransomware is being driven by the emergence of ransomware-as-a-service (RaaS) providers, with the UK being the worst-hit region.

Despite a 59% decline in ransomware in the UK in 2018, the report shows ransomware is up 195% in the first six months of 2019 compared with the same period a year ago.

The UK National Crime Agency (NCA) has confirmed that ransomware and other forms of cyber extortion are the top forms of cyber crime affecting citizens and businesses.

Global ransomware volume reached 110.9 million for the first half of 2019, a 15% year-to-date increase. The top exceptions were Germany (-71%), India (-62%) and the US (-21%).