In the last six years, European cops estimate that they have helped around 1.5 million people and organizations decrypt files that were locked by hackers with ransomware, saving around $1.5 billion.
Europol, the European Union law enforcement agency, announced the figures on Tuesday, a day that marks the sixth anniversary of the No More Ransom project, which brings law enforcement and private industry partners together with the goal of providing decryption tools and other support for ransomware victims.
The initiative was born when a Dutch telecom called the local police to alert it that its employees had found a command and control server inside its infrastructure used by a ransomware group, according to Marijn Schuurbiers, the head of operations at Europol’s European Cybercrime Centre, who worked at the Dutch police at the time.
When Schuurbiers and his colleagues seized the server, and when they started investigating the case, they realized the server contained the decryption keys that would unlock the files that the hackers had encrypted, Schuurbiers said in a press briefing on Monday.
“With these keys, we could immediately help victims of this ransomware scam. So I saw this opportunity,” Schuurbiers explained. “What if we could offer these decryption keys for free to the victims through a website?”
And that’s what the No More Ransom project has been doing for the last six years. As of today, the group offers 136 free decryption tools for 165 ransomware variants, including Gandcrab, REvil, and Maze, according to Europol.
Do you have information about ransomware attacks or ransomware groups? We’d love to hear from you. You can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, Wickr/Telegram/Wire @lorenzofb, or email email@example.com
Industry experts have praised the partnership between a government agency, the private sector, and victims.
“I think No More Ransom provides a valuable service and would love to see it expand its role,” Allan Liska, a researcher who specializes at tracking ransomware at cybersecurity firm Recorded Future, told Motherboard in an email. “I would also like to see what the breakdown by year of that $1.5 Billion is, I am guessing it looks a lot like a hockey stick graph.”
“Too many organizations are afraid to reach out to law enforcement when they have been hit by ransomware, often out of a misplaced fear that law enforcement is going to make it worse,” Liska added. “But, there are many things that law enforcement does, through channels such as No More Ransom, to help victims.”