UK's National Crime Agency joins fight against ransomware

Police on patrol

UK law enforcement has joined an anti-ransomware project that seeks to publish decryption tools for victims whose data has been locked by hackers.

The National Crime Agency (NCA) and 12 other countries' agencies are now members of No More Ransom, a Europol-backed initiative started by Intel Security, Kaspersky and the Dutch National Police over the summer.

Ransomware sees hackers encrypt people's data and demand a Bitcoin ransom in order to hand over the decryption key.

However, No More Ransom has managed to publish decryption tools for seven common types of ransomware, and in its first two months, more than 2,500 people used the online portal's tools -- especially CoinVault, WildFire and Shade -- to recover their data.

With the NCA, and 12 other countries' law enforcement agencies now working together, No More Ransom's founders believe even more decryption tools will appear on the site.

Jornt van der Wiel, security researcher at Kaspersky Lab, said: "The fight against ransomware succeeds best when law enforcement agencies and the private sector join forces.

"Information-sharing is the key to effective collaboration between the police and security researchers. The easier and faster it happens -- the more effective the partnership becomes. Getting more law enforcement agencies from different countries on board will, therefore, improve operational information-sharing, so that in the end ransomware will be fought more successfully."

IT Pro has asked the NCA how it plans to contribute to the project.

Aside from the UK, Bosnia and Herzegovina, Bulgaria, Colombia, France, Hungary, Ireland, Italy, Latvia, Lithuania, Portugal, Spain, Switzerland are all taking part in the scheme.

Since the first case of ransomware was spotted in 2012, Intel Security estimates it has risen 3,000% as financially-motivated hackers use it as their main method of attack.

More than 7 million ransomware incidents were spotted in the second quarter of 2016, according to Intel Security figures.

No More Ransom has helped people hit by ransomware avoiding paying 1.35 million since its launch.

Intel Security's EMEA CTO, Raj Samani, wrote in a blog post: "The ransomware threat has extended from individual users to systems belonging to businesses and life-saving organisations such as hospitals. Intel Security's Advanced Threat Research team has identified numerous ransomware attack scenarios targeting Internet of Things devices such as home automation systems and routers and in-vehicle infotainment (IVI) systems within connected automobiles."

"Europol is fully committed to supporting the enlargement of the No More Ransom project within the EU and internationally to respond to ransomware in an effective and concerted manner," said Steven Wilson, head of the European Cybercrime Centre.