Ransomware is a malware that, once activated, encrypts all the files on a device. the only way to decrypt the files would be by paying the ransomware organization the money they demand, hence the “ransom”. From this alone, we know that ransomware organizations have questionable ethics at best regarding their reasoning for locking people out of their own devices and demanding payment in return. It is a horrible form of extortion that should never be condoned no matter what.
However, it so appears that some of these organizations do want to do what is right, even if it is only during these extreme and trying times. Some of the ransomware organizations have come forward stating that they would not target any health and medical organizations during the existing Coronavirus pandemic.
From a report published by BleepingComputer, it appears that they have reached out to many ransomware organizations such as DoppelPaymer, Ryuk, PwndLocker, Ako Ransomware with the intention of knowing if these organizations would continue targeting the health organizations in these times.
DoppelPaymer reportedly reached back to BleepingComputer the first stating that they do not wish to inconvenience the health organizations. In their words:
“We always try to avoid hospitals, nursing homes, if it’s some local gov – we always do not touch 911 (only occasionally is possible or due to missconfig in their network). Not only now.
If we do it by mistake – we’ll decrypt for free…But about pharma – they earn a lot of extra on panic nowadays, we have no wish to support them. While doctors do something, those guys earn.”
Maze also responded to BleepingComputer’s query in the form of a press release where they echoed the sentiments of DoppelPaymer. “We also stop all activities versus all kinds of medical organizations until the stabilization of the situation with virus”, the release said.
In addition to the dialing back of these ransomware organizations, even security companies are pitching into their part. Both the Emsisoft and Coveware organizations have announced that they would be offering “their ransomware services for free to healthcare during the pandemic”.
These services include the full suite of assistance required for devices that have been locked. Emsisoft and Coveware are offering a technical analysis of the ransomware, development of a decryption tool whenever required and if possible. In case the decryption method is not possible for whatever reason, they are also offering ransom negotiation, transaction handling, and recovery assistance. This includes replacement of the decryption tool supplied by the ransom holders with a tool made by these organizations so that the data can be recovered faster and with lesser loss.
What the world needs now is compassion and understanding. The health sector is already overburdened and understaffed throughout all countries, facing the brunt of the deadly virus. They really could do without more stress added by ransomware organizations.