We are excited to announce the official launch of the No More Ransom project, which is a collaboration of law enforcement and IT Security companies working together to disrupt criminal businesses with ransomware connections. The “No More Ransom” portal began as an initiative by the National High Tech Crime Unit of the Netherlands’ police, Europol’s European Cybercrime Centre, Kaspersky Lab and Intel Security – with the goal to help victims of ransomware retrieve their encrypted data without having to pay the criminals. Amazon Web Services (AWS) was brought into the No More Ransom Initiative to host the online portal, and based on our close relationship with AWS and our AWS Security Competency, Barracuda was brought into the project to help keep the portal secure with our Barracuda Web Application Firewall for AWS.
You’ll see a lot more from Barracuda and from this initiative regarding our efforts to stop ransomware. Check back often for updates!
Ransomware Fightback Takes to the Cloud
Guest post by Raj Samani, EMEA CTO Intel Security (@Raj_Samani)
“How many visitors do you expect to access the No More Ransom Portal?”
This was the simple question asked prior to this law enforcement (Europol’s European Cybercrime Centre, Dutch Police) and private industry (Kaspersky Lab, Intel Security) portal going live, which I didn’t have a clue how to answer. What do YOU think? How many people do you expect to access a website dedicated to fighting ransomware?
If you said 2.6 million visitors in the first 24 hours, then please let me know six numbers you expect to come up in the lottery this weekend (I will spend time until the numbers are drawn to select the interior of my new super yacht). I have been a long-time advocate of cloud technology, and its benefit of rapid scalability came to the rescue when our visitor numbers blew expected numbers out of the water. To be honest, if we had attempted to host this site internally, my capacity estimates would have resulted in the portal crashing within the first hour of operation. That would have been embarrassing and entirely my fault.
Indeed my thoughts on the use of cloud computing technology are well documented in various blogs, my work within the Cloud Security Alliance, and the book I recently co-authored. I have often used the phrase, “Cloud computing in the future will keep our lights on and water clean.” The introduction of Amazon Web Services (AWS) and the AWS Marketplace into the No More Ransom Initiative to host the online portal demonstrates that the old myth, “one should only use the cloud for non-critical services,” needs to be quickly archived into the annals of history.
To ensure such an important site was ready for the large influx of traffic at launch, we had around the clock support out of Australia and the U.S. (thank you, Ben Potter and Nathan Case from AWS!), which meant everything was running as it should and we could handle millions of visitors on our first day. This, in my opinion, is the biggest benefit of the cloud. Beyond scalability, and the benefits of outsourcing the management and the security of the portal to a third party, an added benefit was that my team and I could focus our time on developing tools to decrypt ransomware victims’ systems, conduct technical research, and engage law enforcement to target the infrastructure to make such keys available.
AWS also identified controls to reduce the risk of the site being compromised. With the help of Barracuda, they implemented these controls and regularly test the portal to reduce the likelihood of an issue.
Thank you, AWS and Barracuda, and welcome to the team! This open initiative is intended to provide a non-commercial platform to address a rising issue targeting our digital assets for criminal gain. We’re thrilled that we are now able to take the fight to the cloud.