Cybersecurity Insight

TeslaCrypt Decryption Key Handed Over

2 Jun

In a rare turn of events, the creators of the ransomware TeslaCrypt actually turned over the very key that unlocks their malicious program. An analyst at ESET happened to notice that TeslaCrypt had been slowly shutting down over the past few weeks. On a whim, he requested that the TeslaCrypt decryption key be released and, surprisingly, it was!

Obviously this doesn’t happen with most – or, potentially, any – ransomware creators. Either they keep the decryption key hidden completely until the ransom is paid, or a user happens to get lucky by finding the key online and posting it for victims to use at their leisure. We’ve written about the latter regarding Petya, but it’s rare, and the former is what normally takes place.

Now, should everyone start poking a sleeping bear, or in this case a ransomware creator, and ask them for the key to their livelihood? Probably not. At the same time, you shouldn’t have to pay the ransom either if you’ve taken care of your protected files, network, servers, and anything else that could potentially be locked down and controlled by a malicious attack. Something as simple as backing up protected data to a separate, offline storage area is all it takes to make sure your environment isn’t bogged down by something as preventable as a ransomware attack.

Ransomware is covered ad nauseam across the media because it is one of the more pervasive attacks out there: last year alone, the Federal Bureau of Investigation registered 2,453 complaints about ransomware incidents that cost users a total of more than $1.6 million. The instance with ESET and TeslaCrypt is promising, but trusting hackers to hand over anything without a price tag attached is naive. Time will tell with the TeslaCrypt outcome, but until users continuously monitor their data and perform backups as needed, ransomware will continue to be the go-to cyber attack for hackers across the Internet.