Europol’s free ransomware decryption tools save businesses £88m

Graphic depicting ransomware

Free decryption tools provided by Europol has saved organisations his by ransomware from paying out more than $100 million to cyber criminals.

The No More Ransom campaign was launched by the European Union Agency for Law Enforcement Cooperation, known more commonly as Europol, in 2016 in association with a number of cyber security firms.

More than 200,000 victims have downloaded the agency's free anti-ransomware tools to date, meaning criminals have lost out on $108 million (approximately 87.6 million) in profit, according to figures released by Europol on the initiative's third anniversary.

The GandCrab ransomware alone, considered among the most successful and aggressive strains, has led to 40,000 decryptions using No More Ransom's tools, which prevented criminals from scoring $50 million.

Since its inception in July 2016, the multinational co-operation has released 82 tools free of charge to businesses, with those tools targeting 109 ransomware families. This is in addition to three million website visits to date.

Furthermore, there are now 151 partners who feed into the project, comprising 42 law enforcement agencies, five EU agencies and 101 public and private organisations. These include cyber security firms like McAfee, Avast and Bitdefender.

South Korea alone is responsible for 21.5% of all traffic to the project, followed by the US and the Netherlands, with 9.5% and 7.5% of traffic respectively.

"When we take a close look at ransomware, we see how easy a device can be infected in a matter of seconds," said the head of Europol's European Cybercrime Centre Steven Wilson. "A wrong click and databases, pictures and a life of memories can disappear forever.

"No More Ransom brings hope to the victims, a real window of opportunity, but also delivers a clear message to the criminals: the international community stands together with a common goal, operational successes are and will continue to bring the offenders to justice."

In the time that No More Ransom has been running, the scale of the threat facing businesses has exploded. Despite a fall between 2017 and 2018, UK organisations experienced a 195% rise in attacks in the first half of 2019.

This has been explained by a preference among cyber criminals for ransomware as a service (RaaS) tools, as well as open-source malware kits coming down in cost, according to a report by SonicWall.

Last week also saw ransomware attacks take down critical public infrastructure in sites across the world. These included the energy supply in the city of Johanessburg, South Africa, and the IT systems of three school districts in the US state of Louisiana.

The scale of success for Europol's No More Ransom campaign is illustrated by the fact it saved organisations 6.5 million only two years ago, versus almost 100 million now.

Keumars Afifi-Sabet

Keumars Afifi-Sabet is a writer and editor that specialises in public sector, cyber security, and cloud computing. He first joined ITPro as a staff writer in April 2018 and eventually became its Features Editor. Although a regular contributor to other tech sites in the past, these days you will find Keumars on LiveScience, where he runs its Technology section.