Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
You are here: Home / CIO Issues / New Resource Fights Ransomware
New Public Resource Aims To Fight Ransomware
New Public Resource Aims To Fight Ransomware
By Jef Cozza / CRM Daily Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
A new partnership between Dutch National Police, Europol, Intel Security, and Kaspersky Lab aims to help users recover their data after being victimized by ransomware attacks. Dubbed No More Ransom, the initiative offers victims informational resources to deal with attacks and tools to help them recover their data.

“For a few years now ransomware has become a dominant concern for EU law enforcement,” Wil van Gemert, Europol's deputy director operations, said in a statement. “It is a problem affecting citizens and business alike, computers and mobile devices, with criminals developing more sophisticated techniques to cause the highest impact on the victim’s data.”

The No More Ransom online portal will provide users with information on what ransomware is, how it works and, most importantly, how to protect themselves.

Your Money or Your Data

A ransomware attack is one of the most damaging types of malicious intrusions a network can experience. Ransomware is malware that locks victims’ computers or encrypts their data, and then demands ransom before giving control over the affected devices or files back to the users.

While the targets are often individual users’ devices, corporate and even government networks can be affected as well. The number of ransomware victims has risen by 550 percent in recent years, from 131,000 in 2014-2015 to 718,000 in 2015-2016, according to Kaspersky Lab.

We spoke with Jornt van der Wiel, a security researcher at Kaspersky Lab, about the effect such attacks can have on enterprise IT departments. He told us that ransomware is particularly effective at attacking businesses. That's because cybercriminals are aware that organizations are more likely to pay ransom since the data held captive is sensitive and crucial for business operations to continue, Van der Wiel said.

"In addition, some smaller organizations tend to pay because restoring backups costs are sometimes more than paying the ransom," he said. "Therefore we are providing tools at the No More Ransom Web site that will help those businesses infected by ransomware." In its initial stage, the Web site will provide users with four decryption tools for different types of malware, the latest developed in June 2016 to address the Shade ransomware variant.

Throwing Shade

Shade is a particularly nasty Trojan that emerged in 2014. The malware is spread by malicious Web sites and infected email attachments. After getting into a user’s system, Shade encrypts files stored on the machine and creates a .txt file containing the ransom note and instructions from cybercriminals on how to get the personal files back.

Shade use a strong decryption algorithm for each encrypted file, generating two random 256-bit AES keys: one to encrypt the file’s contents and the other to encrypt the name of the file. Authorities have managed to locate and seize the Shade command-and-control server, which contained 160,000 decryption keys for the Trojan. The keys are now available through the No More Ransom portal.

“The appearance of decryption tools is just the first step on this road,” Van der Wiel said in the statement. "We expect this project to be extended, and soon there will be many more companies and law enforcement agencies from other countries and regions fighting ransomware together.”

Tell Us What You Think


Karen Bannan:
Posted: 2016-07-26 @ 1:13pm PT
I like that you point out that it's not just PCs that can be infected. Any endpoint such as printers or even mobile devices can be infected and used not only for ransomware but also for other malware.

-Karen Bannan, commenting for IDG and HP

Like Us on FacebookFollow Us on Twitter
© Copyright 2018 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.