Let’s highlight the work of No More Ransom, which turns five years old today. The project has helped over six million ransomware victims and saved almost 1 billion euros in payments. It’s a public-private partnership between law enforcement and industry leaders. The project helps recover encrypted files, raise awareness of threats, and provide direct links to report attacks.
And speaking of decryptors, Kaseya has obtained the universal decryptor from a “third party”, and can neither confirm nor deny that any ransom payment was made. The tool has been confirmed to be effective by third parties.
Why do we care?
I’ll make my case for disclosure notification right here – the first is a collaboration that helps users, the second leaves too many unanswered questions.
Did Kaseya pay off the ransom? Apparently we won’t know – an uncertainty that I find uncomfortable. Two questions providers should ask. The first: how is executives’ compensation tied to security? And second, what are their policies regarding security vulnerabilities? This move by Kaseya shouldn’t be surprising, as their policies are neither researcher- nor disclosure-friendly. Two questions to ask your vendors.