The No More Ransom project celebrated its sixth birthday this week with a reminder of how far the initiative has come and the scale of its achievements over that time.
It claimed to have helped over 1.5 million victims to successfully decrypt their devices without resorting to pay their extorters.
No More Ransom now offers 136 free tools for 165 ransomware variants, including Gandcrab, REvil/Sodinokibi, Maze/Egregor/Sekhmet and many more.
This list is continuously expanding thanks to the work of the project’s public and private sector partners. Over 1888 of these organizations have already joined the scheme and regularly provide new decryption tools.
There have been over 10 million downloads of these tools during the past six years. Since its launch by Europol, the Dutch National Police (Politie), Kaspersky and McAfee, the project has gone truly global, and is now available in 37 languages.
“I’m extremely happy that we are able to assist people and companies in ‘restoring’ their digital assets, without paying the attackers,” said Jornt van der Weil, security researcher at Kaspersky's Global Research and Analysis Team.
“This way we hit the criminals where it hurts – their business model – as users are no longer forced to pay to decrypt their data. We will keep on fighting ransomware with our existing and future partners.”
Victim organizations are always urged not to pay the ransom as it will only encourage threat actors to continue targeting businesses. Instead, it’s advised they not only check out No More Ransom, but also contact the authorities, which may also be able to help.
In the US, investigators have even been able to retrieve cryptocurrency payments made to ransomware actors. That’s what happened in the case of $500,000 in payments made to North Korean actors recently.
A new study from IBM out yesterday revealed that victims who paid their extorters saw only $610,000 less in average breach costs. However, when the ransom is added to these costs it’s likely to push them much higher than those who refused to pay.