Europol, the Dutch National Police, Security Kaspersky Lab and Intel join forces and introduce them ?? an initiative called No More Ransom. This is a new step in the cooperation between law enforcement agencies and the private sector to jointly fight ransomware. No More Ransom is a new online portal aimed at informing the public about the dangers of ransomware. Moreover, it helps victims to recover their data without having to pay ransom to cyber criminals.
Ransomware is a type of malware that locks the computer of victims and encrypts their data. After this ransom is demanded in order to regain control of the affected device or files. Ransomware is a big threat for law enforcement in the EU, almost two thirds of the EU Member States doing research on this form of malware attacks. Although often directed at devices of individual users are also affected businesses and even government networks. The number of victims is growing at an alarming rate: according to research from Kaspersky Lab, the number of users attacked by crypto true 550%, from 131,000 in 2014-2015 to 718,000 in 2015-2016. In the Netherlands, this even went from 814 to 9,967, an increase of no less than 1.224%.
NoMoreRansom.org
The aim of the portal www.nomoreransom .org is providing a useful online resource for victims of ransomware. Users can find information about ransomware, how it works and, most importantly, how to protect themselves. Awareness is essential, since there is no decryption tools are all currently existing forms of malware. If you get infected, chances are that the data has been lost forever. Conscious use of the Internet by following some simple cyber security tips can help prevent infection.
The project provides users with tools that can help them recover their data once they have been locked by criminals. In the initial phase includes four portal decryption tools for different types of malware, the latest was developed in June 2016 for the Shade variant.
Shade is a ransomware type Trojan that surfaced late 2014. The malware is distributed via malicious websites and infected e-mail attachments. After being entered into the system by the user, Shade encrypts files stored on the device and creates a .txt file with the ransom letter and instructions cybercriminals about what the user needs to do to regain the personal files. Shade uses a powerful decryption algorithm for each encrypted file, with two randomly generated 256-bit AES keys: one is used to encrypt the contents of the file, while the other is used to encrypt the file name
.
Since 2014, Kaspersky Lab and Intel Security more than 27,000 attempts to attack users prevented the Shade Trojan. The majority of the infections occurred in Russia, Ukraine, Germany, Austria and Kazakhstan. Also Shade activity was registered in France, the Czech Republic, Italy and the United States.
By working closely and sharing information between different parties, the Shade command & amp was; control server seized that was used by the criminals to store decryption keys, and the keys were shared with Kaspersky Lab and Intel Security. This helped them develop a special tool that can download victims through the No More Ransom portal so they can recover their data without having to pay the criminals. The tool contains over 160,000 keys.
Public-Private Partnerships
The project was set up as a non-commercial initiative aimed at under one umbrella bringing together public and private institutions. Due to the changing nature of ransomware, because cyber criminals develop new variants on a regular basis, the portal open to cooperation with new partners
Wilbert Paulissen, head National Crime Squad of the National Police:. “When Dutch police we can cybercrime and not only fight in particular ransomware. This is a joint responsibility of the police, justice, Europol and ICT companies, and requires a joint effort. That is why I am very satisfied with the cooperation of the police with Intel Security and Kaspersky Lab. Together we will do everything possible to disrupt the fraudulent activities of criminals and to restore files back to their rightful owners, without such a lot of money to have to pay. “
” the greatest problem with crypto true right now is that when valuable data of users are locked, they are easy to move to pay criminals to get it back. This gives a boost to the underground economy, resulting in an increase in the number of new players and the number of attacks. That situation, we can only change if we coordinate our efforts in the fight against ransomware. The emergence of decryption tools is just the first step on this road. We expect to expand this project and soon will be many more companies and law enforcement agencies from other countries and regions combat jointly ransomware “says Jornt van der Wiel, Security Researcher at the Global Research and Analysis at Kaspersky Lab Team.
“This initiative demonstrates the value of public-private partnerships in undertaking serious action in the fight against cybercrime,” said Raj Samani (pictured), EMEA CTO for Intel Security. “This collaboration goes beyond the exchange of information, consumer and off criminals, because we actually help to repair the damage caused to the victim. By restoring the access to their systems, we show users that they can take action and rewarding the criminals can occur over a ransom payment “
Wil van Gemert, Europol Deputy Director Operations, finally.: “Ransomware has become a major concern for law enforcement in the EU for several years. It is a problem that both citizens and businesses, and affects both computers and mobile devices. Criminals develop increasingly sophisticated techniques to produce the highest impact on the data of their victims. Initiatives such as the No More Ransom project show that linking expertise and joining forces is the best way to fight cybercrime successful. We expect a lot to help people regain control over their files, while also promoting awareness and the public informed about ways to keep their devices from malware. “
Report Always
Reporting doing ransomware with law enforcement agencies is very important to help the authorities a clearer overall picture given of the problem, and thus more capacity to counter the threat. the No more Ransom portal victims provides the ability to report a ?? crime, through a direct connection with Europol’s review of national reporting mechanisms.
If you’ve become somehow a victim of ransomware, we encourage you to ransom not paying. by paying you support the revenue of the cyber criminals. Moreover, there is no guarantee that you will regain access after payment to the encrypted data.
No comments:
Post a Comment