Academic researchers have developed a novel idea to thwart blackmail virus attacks using firmware that can block write access to solid state disks (SSDs) as soon as it detects patterns that are appropriate for such an attack.
The idea for a smart firmware called SSD-Insider ++ was proposed by a research team of Korean and American computer scientists. “I thought it would be good if we could protect people who don’t have anti-conversion software installed on their computer with an internal anti-conversion SSD,” one of them, DaeHun Nyang, told The Registry.
The researchers presented their idea in a study called SSD-Insider ++, SSD-Assisted Ransomware Recognition and Data Recovery Techniques. Analyzing the study, The Register explains that SSD-Insider ++, which runs on the SSD controller, keeps its eyes open for patterns of drive activity that correspond to extortion attacks.
As soon as it is malicious detects activity, the mechanism disables input and output to the storage device, allowing users to remove the attacking process that initiated the encryption. SSD-Insider ++ is also reported to reverse data corruption in seconds by immediately restoring SSD performance
According to the researchers, SSD-Insider ++ was 100 percent successful against both “wild-type” and laboratory-created pests, and even reversed the damage within ten seconds. Best of all, thanks to the firmware implementation, the mechanism results in a delay of only 12.8 to 17.3 percent, and the reduction in baud rate was no more than 8 percent.
Hardware, software , tests, curiosities and colorful news from the world of IT by clicking here
