When your computer systems are infected with ransomware, you may think you only have two options: pay to (maybe) have all your data decrypted by the hackers or start the long and arduous process of restoring everything.
Those two options have their pros and cons. Paying the ransom can be a quick fix, but it’s also a dice roll since the hacker is also an untrustworthy criminal and doing so encourages more cybercrime. Restoring systems yourself can be a lengthy process and can drag the whole thing out for several weeks and take your company away from it actual work.
However, what if the decryption tools you needed were already publicly available?
According to Europol, there just might be. The European Union’s law enforcement agency on Monday called attention to No More Ransom, an initiative of the National High Tech Crime Unit of the Netherlands’ police, Europol’s European Cybercrime Centre, Kaspersky and McAfee. There are 170 total partners from the public and private sector, and the portal is available in 37 languages.
A more modern and user-friendly No More Ransom website was recently launched to mark the project’s fifth year.
However, the U.S. government appears to lack any involvement with this initiative, although many U.S.-based cybersecurity and technology companies are listed as partners. Some of those include Microsoft, Cisco, Coveware, Datto, Fortinet, Symantec and Verizon.
According to the website, there are 121 free tools that can decrypt 151 ransomware families, but the website makes no mention of tools to decrypt REvil, Conti, Ryuk, NotPetya and other well-known ransomware strains. However, DarkSide – which was responsible for the attack on Colonial Pipeline – is included on the website’s list. The website also includes links to various law enforcement agencies to report ransomware.
More than six million people have been able to use tools from No More Ransom to recover their data, saving around $1 billion, Europol says.
“The general advice is not to pay the ransom,” the website says. “By sending your money to cybercriminals you’ll only confirm that ransomware works, and there’s no guarantee you’ll get the decryption key you need in return.”