Ransomware is a type of malware that infects a user’s system, encrypts part or all of the system, and displays some kind of message demanding payment from the user for decryption. The No More Ransom Project is a recently launched EU-Dutch based IT Security group working on teaming up with Intel Security and various Law Enforcement agencies (13 currently) throughout the world to fight ransomware.
They provide various free guides and educational resources to teach people what ransomware is, how it works, and how to defend against it. They even have a free decryption tool for victims of ransomware attacks of the most well known viruses. During their first two months of being active they managed to decrypt data for more than 2,500 victims and keep more than $1 million of ransom out of the hands of cyber criminals.
This was interesting to me because it got me thinking about what partnerships between private industry cybersecurity groups and law enforcement agencies look like. I imagine one example could involve law enforcement confiscating computer systems from known cyber crime groups and handing them off to a private industry cybersecurity group.
Those two groups in coordination remind me of when the FBI asked for Apple’s help in unlocking the iPhone of one of the San Bernardino shooters. Apple took a stance and decided to not cooperate as much as legally possible. Ultimately, the FBI ended up, allegedly, unlocking the iPhone without Apple’s help. I’ve always perceived that, at least in the United States, tech culture is significantly defined by an anti-government attitude, especially when it comes to surveillance. No More Ransom tackles a malware issue that is different from surveillance issues so the situation is a little different but interesting nonetheless.
Would the FBI join or support a group like No More Ransom in an official capacity? How likely is this to happen when they have their own division dedicated to cyber crime specifically like ransomware?