No More Ransom, the initiative launched to help victims of ransomware decrypt their files, celebrates its six-year anniversary today. Since the launch, it has grown from four partners to 188 and has contributed 136 decryption tools covering 165 ransomware families. In doing so, it has helped more than 1.5 million people decrypt their devices all over the world – with the project available in 37 languages.
In Southeast Asia (SEA), the project has helped nearly 30,000 ransomware victims from July last year to June end of 2022.
Geographical distribution of users in SEA who downloaded decryption tools from July 2021 to June 2022
The most number of users who made the most out of the free ransomware decryption tools are from Vietnam, Indonesia, and Malaysia.
Number of Times Kaspersky Tools Downloaded from July 2021 to June 2022
In terms of the number of times Kaspersky’s decryption tools were downloaded, Vietnam logged the most downloads in SEA followed by Indonesia and Thailand.
Ransomware encrypts valuable information stored on victims’ computers by infecting them using insecure and fraudulent websites, software downloads, malicious attachments, and through RDP (remote desk protocol) attacks and exploiting vulnerable internet-facing servers.
Criminals then seek ransom from the victim, promising to retrieve their encrypted data in return. This type of malware has been a cybersecurity concern for many years, with attackers targeting all types of stakeholders – from customers to enterprises – and evolving from separate gangs to full-fledged businesses with their own ecosystems.
To help people and organizations retrieve access to valuable information, the National High Tech Crime Unit of the Dutch National Police, Europol’s European Cybercrime Centre, Kaspersky and other partners jointly created the No More Ransom initiative in 2016.
On the official website, participants can publish decryption tools, guidelines, and instructions on how to report a cybercrime regardless of where it happened. These tools and materials have helped victims of 165 ransomware families get their data back without any payments. In addition to the decryption tools, the project also aims to spread information on how ransomware works and what measures can be taken to prevent infection.
Kaspersky is one of the founding partners who contributed to the 9 decryption tools, which helped to retrieve the data encrypted by 38 ransomware families. Since 2018, these tools have been downloaded 304,274 times.
“Ransomware is an effective way to get money from victims and remains one of the biggest cybersecurity concerns. In just the first three months of 2022, more than 74,000 unique users were found to have been exposed to this type of threat – and all these attacks were successfully detected. This has led to an increase in the tendency of helping these initiatives, and I’m extremely happy that we are able to assist people and companies in “restoring” their digital assets, without paying the attackers. This way we hit the criminals where it hurts – their business model – as users are no longer forced to pay to decrypt their data. We will keep on fighting ransomware with our existing and future partners,” said Jornt van der Weil, security researcher at Kaspersky Global Research and Analysis Team
To find further information on helping in the fight against ransomware, or to learn more about the No More Ransom initiative, please visit the initiative’s website at nomoreransom.org.