The Russian Ministry of Internal Affairs plans to accelerate its fight against ransomware by establishing a special unit within the ministry.
The new unit will focus on the investigation of such type of cyber-crimes and more active cooperation with some Russian leading IT vendors in the design of decryption solutions.
Europol together with a number of national policing organisations and private companies already runs a similar service called No More Ransom, a primary feature of which is the NoMoreRansom.org website which hosts a number of decryption tools designed to help victims decrypt their data. The site has been translated in to 13 world languages including Russian.
According to Europol, in recent years extortion viruses have become one of the major cyber-threats for both the EU and Russian citizens, which is reflected by the fact that the number of cyber-attacks associated with ransomware has significantly increased both in Russia and the EU in recent years.
Private users have been a primary target of these cyber-attacks for many years, but recently the number of attacks on businesses and even state networks has increased rapidly.
As Vladimir Semenov, a senior officer involved with fighting cyber-crime in the Russian Ministry of Internal Affairs, told SC Media UK the main problem with extortionists is that very often their victims decide to pay them, as they do not see any other way to regain access to their data. This creates conditions for the further attacks.
The situation is aggravated by the fact that more than 90 percent of the victims of such crimes do not contact the police. In the case of Russia, according to Semenov, the imperfect local legislation in the field of cyber-space often complicates investigation of such cyber-crimes. In addition, in the majority of cases police conduct searches of a cyber-criminal only in the case of his location within the territory of Russia.
According to data of the Ministry, last year the number of cyber-attacks with the use of encryption programs on the computers of Russian users exceeded one million, which is only slightly less with the number of such attacks in the entire EU (except UK).
According to him, modern extortion programs use high-quality cryptography, while its encryption often requires special keys, however in the majority of cases the decryption of affected files and programs is almost impossible.