SC Congress 2018: How we recover once we've suffered a ransomware attack
SC Congress 2018: How we recover once we've suffered a ransomware attack

It's become so easy for anyone to pull-off a ransomware attack even an 11 year old could do it, Raj Samani, chief scientist for McAfee told delegates at a masterclass during SC Media UK Congress 2018 last week. Samani added that he even sent his 11 year old child to give a demonstration of the simplicity of conducting a ransomware attack when he was unable to make the presentation.

Samani highlighted that as WannaCry demonstrated, these days it is often unclear whether a ransomware attack is being used as a means of disruption for organisations and companies rather than genuinely seeking a ransom, as was the case with the NotPetya attack in 2017. According to Samani, “the way WannaCry was built, it wasn't built to make money” meaning that it was created to cause destruction to a huge amount of people. The increasing amount of ransomware attacks shows that “we as an industry have failed”.

Some 8,000 medical operations were cancelled in 2017 in hospitals around the UK due to the damage caused by WannaCry. One of the points made by Samani was that whilst in a hospital your only access to the outside world is via technology and the online network of the hospitals hit by the attack caused that to be taken away from patients so they had no access anymore whilst inside.

Samani added that cyber-crime is the only type of crime with a help desk, in that the hackers provide a way in which you can buy Bitcoin to pay off the hackers and hopefully access your network again. Although he continued by saying even if you pay the hackers you may not necessarily be able to get your files back or restore all of the damage that was done.

One point made by Samani was how do you tell someone with ransomware on their computer about how to fix it? It is difficult to tell someone how to fix a hacking problem when they are not used to that sort of subject matter. If you have been hit by ransomware, the advice is, don't pay the criminals, instead use a website such as No More Ransom that currently has 52 tools that can decrypt 84 different ransomware families.

Samani adds that we need to have another option when it comes to ransomware which is why a coalition of public and private organisations including McAfee, Europol EC3, Politie, and Kaspersky created this new approach to combat Ransomware (now joined by a wide range of supporting organisations).


Europol/EC3 one of the founders of No More Ransom is also at the sharp end of takedowns of cyber-criminal operations as demonstrated in this video (above) of a takedown in Romania.