Public-Private Team Leads Assault on Ransomware


Ransomware has become a scourge on the Internet -- but two information security companies, along with a pair of law enforcement agencies, this week launched an initiative to do something about it.

No More Ransom is the centerpiece of a collaborative effort involving Kapersky Lab, Intel Security, the Dutch National Police and Europol. The new portal aims to educate the public about ransomware -- a form of malicious software that locks a computer or mobile device until a ransom is paid.

In addition to explaining how ransomware works and how to protect against it, the site helps victims avoid paying off Net bandits through tools capable of unscrambling data scrambled by some strains of malware.

"The biggest problem with crypto-ransomware today is that when users have precious data locked down, they readily pay criminals to get it back," said Jornt van der Wiel, a security researcher at Kaspersky.

"That boosts the underground economy, and we are facing an increase in the number of new players and the number of attacks as a result," he added. "We can only change the situation if we coordinate our efforts to fight against ransomware."

For an effort like No More Ransom to be effective, its sponsors need to build public awareness of the site, noted Nathan Wenzler, principal security architect at AsTech Consulting.

"It's absolutely a step in the right direction, but promotion is key so that people take note of the steps listed in the site before they're infected rather than after the fact," he told the E-Commerce Times.

The site itself does a good job of centralizing information about ransomware, observed Marc Laliberte, an information security threat analyst at WatchGuard Technologies.

"A lot of the information isn't new," he told the E-Commerce Times. "It's been floating around the Internet and echoed by all sorts of people, but this the first site that I've seen that really takes every piece of the puzzle when it comes to defeating ransomware and puts it all on one site."

The No More Ransom initiative is a bit unusual because it's a noncommercial initiative aimed at bringing public and private institutions under a single umbrella.

"I've seen a lot of security organizations come out with their own advice, but I've never seen a nonprofit like this that cares about people and helping them fix their problems," said Charity Willhoit, an intelligence analyst with Armor.

"The truth is, most people are not going to be able to go out there and buy tools and buy advice from a security company," she told the E-Commerce Times. "Having this free opportunity on the open Web is just perfect, because the majority of the victims are going to be people, not organizations."

That separates No More Ransom from the typical public-private partnership.

"This collaboration goes beyond intelligence sharing, consumer education and takedowns to actually help repair the damage inflicted upon victims," noted Raj Samani, EMEA CTO for Intel Security. "By restoring access to their systems, we empower users by showing them they can take action and avoid rewarding criminals with a ransom payment."

The site can make a valuable contribution in the fight against ransomware just by bringing attention to the problem.

"Preventing ransomware requires a high degree of awareness, but awareness of ransomware now is abysmally low," Seclore CEO Vishal Gupta told the E-Commerce Times.

The site's offering of tools to decrypt, or unscramble, files garbled by ransomware is also a welcome service.

"It's useful to be able to get these kinds of decryption tools from a reliable source rather than just searching for them online," said Cyberreason CISO Israel Barak.

"A lot of people get infected with secondary malware or even additional ransomware when they look for solutions and decryption tools by clicking the first link they see on Google," he told the E-Commerce Times.

Users -- especially business users -- need to remain vigilant about ransomware, warned Craig Spiezle, executive director of the Online Trust Alliance.

"There are new variants of ransomware online every day. These variants are not targeting you and me as desktop users. They're being very precise and targeting specific companies," he told the E-Commerce Times. "Ransomware is evolving. It is no longer a crime of opportunity. They're no longer looking at the $500 hit. They're looking at the $50,000 payoffs."

John Mello is a freelance technology writer and contributor to Chief Security Officer magazine. You can connect with him on Google+.

0 Comment

Leave a Reply

Captcha image


  • 5300c769af79e

    Bitdefender Total Security Multi-Device 2017

    Compare Similar ProductsCompare Kaspersky Total Security (2017) %displayPrice% Webroot SecureAnywhere Internet Security Complete (2016) %displayPrice% Comodo Internet Security Complete 8 %displayPrice% McAfee Total Protection (2016) %displayPrice% Trend Micro Maximum Security (2017) %displayPrice% Bitdefender Internet Security 2017 %displayPrice% Kaspersky Internet Security (2017) %displayPrice% Trend Micro Internet Security (2017) %displayPrice% Webroot SecureAnywhere Internet Security Plus (2016) %displayPrice% Symantec Norton Security Deluxe (2017) %displayPrice% McAfee Internet Security (2017) %displayPrice% McAfee LiveSafe (2016) %displayPrice% Symantec Norton Security Premium %displayPrice% For $89.Shared Suite FeaturesEven though the standalone antivirus offers a ton of features, Bitdefender Internet Security 2017 brings plenty of additional security goodness.
  • 5300c769af79e

    Friday Poll: How Important is Your Smartphone's Camera Quality?

    No one can argue that in the past few years, smartphone cameras have improved tremendously.The last time we asked this question, the majority of people claimed that while picture taking was important, it wasn’t a deciding factor when selecting a phone.
  • 5300c769af79e

    Nextbit Robin Gets a Nougat Beta With Help From Paranoid Android

    The company announced the Nougat beta today through a community forum post, even mentioning that the update should be live for current beta participants.Members of Paranoid Android, the popular ROM, actually helped the Nextbit dev team to create a “faster, less power-hungry OS” and push out Nougat this quickly.
  • 5300c769af79e

    Is Google Home Ready for Your Family?

    As it positions its Google Home as a flexible virtual assistant, it doesn't seem to know what to do if a Google home is full of different people with different tastes.If you don't like it, don't buy a Google Home.