Last updated at Tue, 20 Jun 2023 19:12:55 GMT
The amazing No More Ransom Project celebrates its fifth anniversary today and so we just wanted to take a moment to talk about what it has accomplished and why you should tell all your friends about it.
The name pretty much says it all — No More Ransom aims to help organizations avoid having to pay ransoms for cyber attacks by providing guidance for defending against attacks, connecting victims with law enforcement, and most crucially, by providing free decryption tools. Just think about that for a second … you get hit by ransomware and you get a demand for a ransom payment of tens of thousands of dollars, or more. Recently we’ve seen ransom demands go up as high as tens of millions of dollars. But there’s a chance that rather than having to shell out piles of your hard earned cash (in crypto form), you could, in fact, get what you need for free with minimal fuss or effort.
Sounds too good to be true, right? Like maybe you’re thinking that they only have decryptor tools for old encryptors that aren’t really being used anymore? Well, despite being just five years old today, No More Ransom’s tools have already been downloaded more than six million times, and have saved organizations an estimated $900 million in ransoms that didn’t have to be paid. In fact, the Project offers a staggering 121 free tools, which decrypt 151 ransomware families. So we’re talking about a project that is having a profound impact every day. See? You should totally check it out and tell all your friends about it!
The Project is a great example of what can be achieved with effective public-private partnership. The main backers are Europol, the Dutch Government, McAfee and Kaspersky. They have now recruited about 170 other partners from law enforcement, the private sector, and nonprofits around the world, which I’m guessing goes a long way towards helping them stay up to date with malware samples and decryption tools. Special shout outs should also go to Amazon Web Services and Barracuda for hosting the site.
Here’s the thing though, recently I co-chaired the Ransomware Task Force (RTF), which was brought together by the Institute for Security and Technology, to come up with recommendations for reducing ransomware on an international, societal level. As part of the RTF’s investigations into what is happening in the ransomware landscape, we spoke to numerous organizations that have suffered ransomware attacks, as well as, many of the entities they rely on to help them respond — law enforcement, cyber insurers, incident responders, legal counsel. We were surprised to discover that very few of the organizations we spoke with knew about the No More Ransom Project or thought to look there for free decryption tools before paying the ransom. This seemed to be particularly true in the US. Now granted, the tools have been downloaded 6 million times, so definitely some folks do know to look there, often encouraged by law enforcement teams, but there are clearly also many people and organizations who don’t know about it and should.
I suspect that the astonishing ‘six million’ figure is less about awareness and more about how incredibly prevalent ransom attacks have been over the past few years, which is why this project is so important and valuable. So help the No More Ransom Project celebrate its birthday by telling everyone you know about it. You can casually drop that $900 million saving stat into conversation — it’s so impressive I had to mention it twice.
If you’re interested in hearing more of me being incredibly enthusiastic about the Project, check out this week’s special edition of our Security Nation podcast. It features an interview with Philipp Amann, Head of Strategy at the European Cybercrime Centre (EC3), which is part of Europol.
As a tease for the interview, we’ll give Philipp the final word on the No More Ransom Project:
“No More Ransom offers real hope to the victims, and also delivers a clear message to the criminals: the international community stands together with a common goal – to disrupt this criminal business model and to bring offenders to justice.”