Global security technology company, Bitdefender, has joined the No More Ransom initiative supported by Europol. By joining, Bitdefender would contribute to the global fight against ransomware – “the fastest-growing cyber threat to date.”
According to a Bitdefender study carried out in the United States last year, ransomware comes second among the top concerns of CIOs of medium and large companies – 13.7 percent of the interviewed companies perceive ransomware as a hard-to-tackle threat. Simultaneously, half of individual victims are willing to pay up to $500 to recover encrypted data.
“With estimates of ransomware induced financial losses nearing the billion dollar mark by the end of 2016, traditional security mechanism and technologies have fallen short of a complete defense against this type of threat,” said Bitdefender’s Chief Security Strategist, Catalin Cosoi.
Free Decryption Tools
Now that Bitdefender is part of Europol’s No More Ransom initiative, the company is providing free decryption tools, offering ransomware victims the possibility to decrypt their files without having to pay criminals to do so.
The decryption tools developed by Bitdefender have been added to nomoreransom.org, an online portal available in English, Dutch, French, Italian, Portuguese and Russian.
No More Ransom was launched in July 2016 by the Dutch National Police, and Europol, among others, introducing a new level of cooperation between law enforcement and the private sector to fight ransomware together.
Here are 11 steps that could help users stay safe from ransomware:
- Patch or update your software to avoid known vulnerabilities from being exploited and used to infect your system
- Back up your data
- Enable the “Show hidden file extension” option. This will help identify suspicious files that have been named “.ZIP.EXE” and prevent their execution
- Companies, meanwhile, are strongly encouraged to:
- Use an endpoint security solution
- Patch or update all endpoint software and webservers
- Deploy a backup solution
- Disable files from running in locations such as “AppData/LocalAppData” and deploy policies that restrict users from executing malware
- Limit users from accessing mapped network drives
- Protect email servers with content filtering solutions
- Educate employees on identifying spear-phishing emails and other social engineering techniques.
- Use a well-known security suite