New method to fight ransomware and recover files without paying ransom
Ransomware has become one of the most common threats in the information security world, as mentioned by website security audits specialists. Recently, Chance Coats, Xiaohao Wang and Jian Huang, members of a group of researchers from the University of Illinois, published an investigation in which they expose the idea of using a computer’s basic storage devices to protect the files and avoid paying the ransom of a cyberattack.
“It is possible to use for user protection
the features of the flash-based storage available on almost all computer
equipment nowadays”, researchers mention. “The main objective is to
devise a method of protection against ransomware attacks, in which hackers
encrypt the information of the user and then demand a rescue to restore it”.
According to website security audits
specialists, the flash-based solid
state units mentioned by experts are part of the storage systems of
most modern equipment. When you modify a file on your computer, the solid state
disk saves the most recent version to a new location, rather than deleting the
previous version immediately; there’s the key to fight ransomware
attacks.
In case of infection, there is a way to return
to the previous versions of the file thanks to a tool designed by the
investigators. The tool is still in development, so at least for now there may
be some drawbacks.
“When you want to write new data, it must
be saved to a free block or to a block that has already been deleted”, the
website security audits said. “A solid state drive removes older versions
in an effort to clear blocks in advance, but since our drive keeps old versions
intentionally, you may have to move previous versions before typing new”.
This is a drawback between the deleted files
retention duration and the performance of the storage system. If this tool was
configured to hold data for too long, older versions that are not needed will
remain in the system and will occupy storage space.
The more old versions of the files are retained
in the system, the longer it takes to respond to regular storage requests, so
it will decrease performance. On the other hand, if the file retention lapse is
too short, all files may not be saved, which will serve as backup in the event
of a malware attack.
In any case, specialists from the International
Institute of Cyber Security (IICS) mention that this approach to combat
ransomware has attracted the attention of some of the most important technology
and security firms in the world, so experts are expected to soon find the
support needed to boost their research.
Gloss