The quiet scheme saving thousands from ransomware By Joe Tidy

Cyber-security reporter Published duration 26 July 2019

image copyright Getty Images image caption Ransomware outbreaks can cost large businesses and organisations millions

A free scheme to prevent cyber-attack victims paying ransom to hackers claims to have saved more than 200,000 victims at least $108m (£86m).

The No More Ransom project offers advice and software to recover computer files encrypted in ransomware attacks.

Founded by Europol, police in the Netherlands, and McAfee, it now has more than 150 global partners.

With 14 new tools introduced in 2019 alone, Europol says it can now decrypt 109 different types of infection.

"When we take a close look at ransomware, we see how easy a device can be infected in a matter of seconds," says Steven Wilson, head of Europol's European Cybercrime Centre (EC3).

'Memories disappear'

"A wrong click and databases, pictures and a life of memories can disappear forever.

"No More Ransom brings hope to the victims, a real window of opportunity, but also delivers a clear message to the criminals: the international community stands together with a common goal, operational successes are and will continue to bring the offenders to justice."

media caption Technology explained: what is ransomware?

Among the ransomware campaigns tackled by the project is GandCrab - one of the most aggressive in 2018.

Since the release of the first GandCrab tool in February 2018, nearly 40,000 people have successfully decrypted their files, saving roughly $50m in ransom payments.

In 2019, there has been a surge in ransomware attacks particularly aimed at large companies.

One company, Norsk Hydro, has already spent well over £50m recovering from an attack in March that halted production lines and locked staff out of their computers

In the US, multiple local government authorities have been hit with ransomware attacks, some choosing to pay hundreds of thousands of dollars to hackers.

image copyright No More Ransom

After South Korea, most web traffic to No More Ransom comes from the US.

However, the US is not a partner in the project. The full partners consist of 36 law enforcement agencies from Europe, Asia and South America.

The US should be doing more to help victims and tackle cyber-criminals, says Fabian Wosar, head of cyber-security company Emsisoft, which has donated more decryption tools to the project than anyone else.

Mr Wosar told BBC News: "Projects like No More Ransom have been crucial when it comes to fighting ransomware on a global level, with pretty much all major parties cooperating on a global and daily basis, sharing intel[igence] in real-time - except for the US.

"The US should consider the success of the No More Ransom Project to be a call to action.

"Better cooperation between the private sector and law enforcement could result in fewer ransom demands being paid.

"That would make cyber-crime less profitable and, consequently, reduce the financial incentive for groups to commit cyber-crime."