Networking, MSP

No More Ransom (NMR) Project: Kaspersky Lab Rallies Partners

Kaspersky Lab is gaining momentum in its global efforts to combat ransomware. Indeed, The antivirus and Internet security software company recently announced its No More Ransom (NMR) project includes 76 partners. In addition, NMR is available in 14 languages that contain 39 free ransomware decryption tools.

NMR launched in July 2016. The project involves a collaborative effort between Kaspersky, Dutch National Police, Europol and Intel Security (now McAfee) to support ransomware victims.

The NMR platform serves as an online resource for ransomware victims. It provides users with free decryption tools for some ransomware variants, along with information on what ransomware is, how it works and how to protect themselves against it.

Global Momentum

NMR is generating global attention, and the following cybersecurity solutions providers in December joined the project as associate partners:

  • Bitdefender.
  • Emsisoft.
  • Check Point.
  • Trend Micro.

Since that time, the following ransomware protection tools were added to the NMR platform:

  • AVAST: Alcatraz Decryptor, Bart Decryptor, Crypt888 Decryptor, HiddenTear Decryptor, Noobcrypt Decryptor and Cryptomix Decryptor.
  • Bitdefender: Bart Decryptor.
  • CERT Polska: Cryptomix/Cryptoshield Decryptor.
  • Check Point: Merry X-Mas Decryptor and BarRax Decryptor.
  • Eleven Paths – Telefonica Cyber Security Unit: Popcorn Decryptor.
  • Emsisoft: Crypton Decryptor and Damage Decryptor.
  • Kaspersky: Updates on Rakhni and Rannoh Decryptors.

More than 10,000 ransomware victims have been able to decrypt their affected devices using the tools available on the NMR platform, according to Kaspersky. Also, more languages are expected to be added to the NMR platform.

How to Prevent Ransomware

Cybercriminals demanded an average ransom of $679 last year, up from $294 in 2015, Symantec reported. However, there are many ways to limit ransomware risks.

Ben Barker of remote monitoring and management (RMM) software company Continuum offered the following tips for MSPs to prevent ransomware from affecting their businesses and customers:

  1. Use dependable, multi-layered endpoint security. Reliable, multi-layered endpoint security empowers an organization to take a proactive approach to ransomware.
  2. Leverage backup and disaster recovery (BDR) solutions. A BDR solution ensures an organization's backed up data will be stored on a local appliance and can be replicated offsite to the cloud.
  3. Deactivate macros and autorun. Macros for Microsoft Office documents can be turned off in the Trust Center, which can eliminate many cyberattack vectors.
  4. Develop strong Windows Policies. Windows Policies enable organizations to block specific paths and file extensions from running and set up policy groups to further reduce ransomware threats.
  5. Teach end users about ransomware. Regular training sessions can teach end users about ransomware and the warning signs associated with it.

The bottom line: With the right approach, MSPs can manage ransomware threats consistently, Kaspersky Lab and its partners believe.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.