Researching ransomware can be daunting these days. The victims are piling up, the money being paid to hackers is exorbitant, and the chances of getting ahead of this threat seem grim.
If you look hard enough though, you can find the ‘heroes’ in every situation. Today, I was made aware of a new website, www.nomoreransom.org, where law enforcement and IT security companies are collaborating on a free, educational resource for victims (and potential victims) of ransomware. Their purpose is to educate the public of the threat and make all of us aware that WE DONT HAVE TO PAY THE RANSOM!
This project is amazing and there are three big reasons it should be on your radar as it continues to expand
1. Crypto Sheriff: You’ve been hit by the most recent version of the worst ransomware ever. You have a work deadline, school paper due or you need to access an e-copy of your birth certificate.
Whatever the reason you have for accessing that data, it’s probably time sensitive. The last thing you need in your life right now is to have to pay a strange hacker on the other side of the world $600 so you can access your files again.
So, DONT! Go to the Crypto Sheriff page to find out what type of ransomware has taken hold of your files. You can upload the actual file to see if there’s a solution available. I highly recommend you also take advantage of the open entry spot on the page where you can enter in file names, keywords, domain names and any clue as to the type of ransomware. Many of the file names have the name of the ransomware in it. For example: KryptoLocker_README[.]txt, _Locky_recover_instructions[.]txt, [filename].crypt, etc.
2. Free decryption tools: Once you know which ransomware you’re dealing with, you can download the appropriate decryption tool to unlock your system or files. The handy how-to guides will walk you through each step. This project is still in its early phases, but as it matures you can expect more versions of ransomware decryption tools to become available.
3. Report a ransomware crime: Now you can report that ransomware to your local (US or European) law enforcement agency. The Report USA button will take you to the FBI Internet Crime Complaint Center. Save all of the details of your incident, as it’s much easier for the FBI to prevent these crimes if they know exactly what they are fighting.
As a security professional, I look at this great reference tool and can’t help but think of suggestions to make it even better, including:
- More decryption tools! Decryptors for Bart, PowerWare, and AVG free tools decrypt the recent ransomware strains Apocalypse, BadBlock, Crypt888, Legion, SZFlocker and TeslaCrypt.
- More community involvement! Kaspersky and Intel Security are top-tier malware experts, but the rest of the world should be contributing as well. Input from security companies with malware researchers and/or are developing decryption tools would be invaluable in this fight.
- More FREE Prevention and Awareness Training! Most end users don’t know what ransomware is or what to do when it hits. This resource is a great opportunity for the security sector to come together to educate the public.
While educating the masses will help us turn back the tide of ransomware, the first step to protecting yourself is the simplest: BACKUP YOUR SYSTEM.
This will allow you to have the power! If you are locked from your computer and thieves already have access to your information, don’t pay, let them have it because chances are that they’ve already taken what they wanted and regardless of payment, will do with it what they originally had intended. If your files are backed up, there’s nothing for them to bargain with. You can simply start from where you left off, and while it will definitely be an inconvenience, it won’t be a costly mistake.