Ransomware has become a lucrative criminal business model. Professional gangs use this type of software for securing important files until a ransom is paid. Tesorion is there to protect the world against this, and to make it difficult or even impossible for cybercriminals to use this software. An example of this is the way Tesorion approached “Nemty”, a globally distributed ransomware. Thousands of computers had been infected with this virus. An amount of 1,500 euros per person was demanded from the victims, for the release of their stolen data. It did not come to this in many cases, fortunately. Tesorion managed to crack the software, even though it was seen as “impenetrable”. “What we do is continually searching for a mistake that the creator made when he coded the software”, says Rick Hofstede, technical director at Tesorion. “And we succeeded. We cracked Nemty, and we gave victims access to their personal files again using a so-called decryptor. This meant that they did not need to pay a ransom to the criminals behind Nemty. Tesorion received worldwide attention and brand awareness because of this. In fact, the criminals behind Nemty announced that they would stop exploiting this ransomware in April 2020, and Tesorion’s efforts were mentioned as motivation by several news sources.
Tesorion has made the decryptor publicly available so that all victims of the Nemty ransomware can defuse the virus themselves. The impact of neutralising Nemty is difficult to determine. “The only thing we know for certain is that we have been in contact with more than a thousand victims ourselves”, says Rick. “All of them would have had to pay 1,500 euros. You are already talking about over 1.5 million euros, then.”
There are always many threats, however, so Tesorion always remains vigilant. The company continues to look for solutions to the global problems of cybercrime. They collect and research information daily, to make businesses less vulnerable to cybercrime. Tesorion works on the cybersecurity of its customers both in and outside the country with its 160 employees, 24/7. Their focus lies with “detection & response”; revealing threats and responding adequately to prevent damage. Tesorion is one of the top 5 Dutch companies in cybersecurity.
TLN is organising a series of webinars and interactive Q&A sessions on cybersecurity in the coming months, in collaboration with Tesorion and REQON. They want to arm entrepreneurs against cybercrime. The purpose of these webinars is increasing awareness and offering concrete and practical tips for entrepreneurs. Interested? You can register for the next webinar on July 1 here.
Date: 25 June 2020 |