A new website set up by Europol, Intel and Kaspersky to help resist the threat of ransomware could allow you to recover encrypted data for free. The site is designed to stop people paying ransoms to malware creators as this makes the problem worse.
Ransomware is a major threat. A series of major campaigns have thrown it into the headlines in recent months as hospitals and governments have paid up to rid themselves of infections.
As the fastest growing form of malware and a lucrative option for cybercriminals, ransomware shows no signs of going away anytime soon. This week, Europol, the European Police Agency, announced a collaboration with Intel and security firm Kaspersky Labs that aims to tackle ransomware and help people affected by it.
The website No More Ransom is designed to inform the public about what ransomware is, how they can protect themselves and what to do in the event of an infection. The advice is fairly standard security best practices, covering password reuse, effective backup routines and safe web usage. However, there are also some unique features to directly aid those who have had their files encrypted.
The site includes tools to detect if ransomware is present. It can then attempt to decrypt infected files. When a user uploads an encrypted file to No More Ransom, it runs it through a database of 160,000 known decryption keys to see if any of them match. There’s no guarantee it’ll be successful but it gives you a chance of recovering your data for free.
If ransomware infects your computer, security experts advise you don’t pay the ransom. Giving the criminals the money worsens the problem by demonstrating people will pay up. There’s no guarantee your data will actually be recovered, potentially leaving you out of pocket.
“Paying the ransom is never recommended, mainly because it does not guarantee a solution to the problem. There are also a number of issues that can go wrong accidentally. For example, there could be bugs in the malware that makes the encrypted data unrecoverable even with the right key,” reads an explanation on No More Ransom. “In addition, if the ransom is paid, it proves to the cybercriminals that ransomware is effective. As a result, cybercriminals will continue their activity and look for new ways to exploit systems that result in more infections and more money on their accounts.”
By educating users on how to deal with ransomware, No More Ransom may be able to slow the rising infection rate and begin to turn back the tide. Checking the website after you’re infected could save you cash and help to drive the cybercriminals out of business, cutting off their income by refusing to play into their hands.
No More Ransom is an open initiative seeking new partners to help it carry its message. As more industry-leading security firms become involved, it will gain more exposure and be able to help more people recover from ransomware. The malware is developing faster than the techniques to prevent it, leaving consumers and businesses vulnerable to attack.