Ransomware is one of the most chilling type of malware floating around the internet: an attack that locks a user's files hostage behind an encrypted paywall. Universities, hospitals and even seats of government have fallen victim to these kinds of attacks, paying thousands of dollars in ransom to cyber-criminals in hopes of recovering precious data. Now, authorities and IT companies are fighting back. Intel Secruity, Interpol, the Dutch police and Kaspersky labs have teamed up to create No More Ransom, a web-portal with tool that help users remove ransomware without paying off their attackers.
At a glance, NoMoreRansom.org looks like a "best-practices" site, dispensing the usual prevention advice: use back ups, only open attachments from people you know and trust, use anti-virus software and so on -- but it also features ransomware detection and decryption tools. Users can upload encrypted files to see what kind of malware they're infected with, and then check to see if it can be removed with the 160,000 decryption keys at the organization's disposal.
Beyond simply helping infected users get back on their feet, the organization hopes to deter ransomware by reducing criminal income. "The biggest problem with crypto-ransomware today is that when users have precious data locked down, they readily pay criminals to get it back," explains Jornt Van der Wiel, from Kaspersky Labs. "That boosts the underground economy, and we are facing an increase in the number of new players and the number of attacks as a result."
It's an uphill battle -- and malware will probably never be eliminated entirely -- but it's a war worth fighting. Think you might be infected with ransomware? Check out the website at the source link and get your files checked.