The No More Ransom project, which was launched in 2015, helped over 6 million ransomware victims to recover their files after they were locked by ransomware gangs.
No More Ransom is a public-private partnership that tackles cybercrime. It was created by law enforcement agencies and cybersecurity industry leaders such as Europol, the Netherlands’ police, Kaspersky, and McAfee. No More Ransom project has 170 partners worldwide, offering 121 free tools, and helping decrypt 151 ransomware families today.
“The decryptors available in the No More Ransom repository have helped more than six million people to recover their files for free,” the Europol said. “This prevented criminals from earning almost a billion euros through ransomware attacks. Currently, offering 121 free tools and able to decrypt 151 ransomware families, it unites 170 partners from the public and private sector.”
No More Ransom’s platform hosts tools designed to help victims recover their files after being attacked by ransomware. It also aims to raise awareness of the threat and provide victims with direct links to report cases.
To get successful decryption, a victim needs to upload two encrypted files and a ransom note. The platform will then try to match them against a variety of available tools.
If a match is found, a victim receives a link to a decryptor that will allow them to extract files from their encrypted servers. The website also provides detailed instructions on how to get started.
If the decryptor is not available, a victim is advised to check again in the future. New decryptors are added to the site regularly.
According to the industry best practice, victims of ransomware are advised to never pay the ransom, as this will finance the criminals’ future attacks and there will not be a guarantee they will get the files back. Instead, victims should take measures to prevent such attacks and minimize the damage caused by them.
The recommendations are as follows:
- Back up data stored on your servers. Keep at least one copy offline.
- Inspect suspicious emails. Avoid opening links in unexpected emails.
- Browse and download only official versions of software only from trusted sources.
- Use robust security products to protect your system from all threats.
- Ensure that your security software and the OS are up-to-date.
- Do not click on suspicious links, pop-ups, or dialogue boxes.
- Do not use high privilege accounts (accounts with administrator rights) for daily business.
- Do not pay, if you become a victim; report the attack to the authorities and check No More Ransom for decryption tools.