South Korean and US researchers have developed a new technology to protect against ransomware. This ransomware detection system is supposed to work in the firmware of an SSD, which then fends off or stops attacks and restores data.
Ransomware has been the plague of the last 10 years. Researchers even estimate that the cost of attacks could increase to as much as $2035 billion by 265. A group of South Korean and US researchers now claim to have found a solution to defend against ransomware. They have developed a system that works in the firmware of an SSD and detects attacks there, stops them and even restores data. The information on this was published in the library of the IEEE Computer Society page “SSD-Assisted Ransomware Detection and Data Recovery Technique”.
Ransomware defense technology in the SSD
The new ransomware protection should work in the firmware of modern SSDs (picture: Samsung).
The system in the firmware of the SSD should even be able to independently detect an attack with ransomware. The encryption pattern is recognized and the process is interrupted. At the same time, the system should retrieve old file versions from areas inaccessible for ransomware and replace the data. Similar to the versioning of cloud services. However, mirroring data naturally takes up space on the SSD and is therefore particularly interesting for constant dynamic data and not for long-term storage.
Encryption already stopped in the practical test
The researchers have already achieved some success in initial internal tests. According to its own information, all the attacks tested and encryptions carried out should have been stopped. The data damage is said to have been automatically repaired immediately. Also interesting: the system load of an SSD in everyday life: according to researchers, the latency time should increase by around 15 percent due to the permanent use of anti-ransomware technology. The system should only work on SSDs. According to the researchers, updating HDDs is not possible.
More at Computer.org