For anyone who has seen a ransomware lock screen like the one above, the first thought is panic. The next thought is …..
Now there is some organized help in the form of a web site supported by some real security powerhouses – Intel Security (AKA McAfee), Kaspersky, Europol cyber crime center and powered by Amazon web services and Barracuda.
Now they have been joined by Trend Micro, Checkpoint, Bit Defender and others.
The site recently added a way to decrypt 32 additional ransomware strains. During the first two months of operation, NoMoreRansom.Org helped 2,500 people avoid paying ransomware. To date, they have helped almost 6,000 people decrypt their files.
The portal was originally available in English. Now it is available in Dutch, French, Italian, Portuguese and Russian.
In addition, there are police involved from 22 countries and private organizations from around the world lending their help to the problem.
The web site asks the user for information and to upload a small sample file. It also asks for the text from the ransom message.
With that information, if the site can give you instructions to decrypt your files, it will do so.
In addition, the web site has instructions and tools for a number ransomware strains if you already know what “disease” you have.
Given the support for this web site from across the globe, I anticipate that it will add more capabilities over time.
While recovering from a ransomware attack is great if you can do it, what you really want to do is avoid being in that situation. That means training your employees, having really robust backups and implementing the best security you can afford. And if all that fails, having access to the best ransomware recovery tools available is a good thing. No guarantees, but a good thing.
Information for this post came from ZDNet.