As digital technology is introduced across society, news regarding cyber threats is becoming more frequent, particularly concerning ransomware.
Do you all know what ransomware is?
"Ransomware? I've heard that PCs can get infected, but I don't know exactly what it is!"
-----------------------------------------------------------------------------------
【Ransomware】
: Malicious code that encrypts a computer user's files and demands money in return
In other words, it's malicious code that takes control of a user's PC or encrypts data, then demands money in return if you want to restore it to normal. You can understand the term ransomware more easily by thinking of it as a combination of the words ransom and software.
Ransomware is an unavoidable presence when it comes to cybersecurity. That's why several posts on this topic have been uploaded on the Cyberdigm blog. However, as the years go by, ransomware attacks are not decreasing; rather, they are becoming more diverse and powerful.
There is even a surge in service-type ransomware, where hackers create ransomware on behalf of clients. Even if one's skills are not outstanding, they can engage in cyberattacks through service-type hacking tools. Attackers not only create these tools but also provide customer service and satisfaction surveys, becoming increasingly organized.
Cyberdigm's document centralization is a solution that can ensure document security without any issues even in the face of ransomware attacks!
So, what are the features and functions of Cyberdigm's document centralization that enable it to block ransomware?
All programs have access? NO! Only approved programs have access!
Where do you store your work output, i.e., documents? Most of you probably store them on your personal PC. Ransomware typically starts by infecting the user's PC and then spreads to the server storage.
Storing documents on personal PCs is not a safe method from a security standpoint. In contrast, document centralization stores all outputs on a central server. Therefore, you only need to keep the central server where the documents are stored secure!
"But what if the central server is attacked? Isn't that a big problem?"
Don't worry, not just any program can access it! When working on documents stored on the central server, a virtual secure area called a sandbox is created on the user's local PC. Only approved programs can access it using a whitelist method. Therefore, unauthorized programs like malicious ones cannot access the server at all!
Prevent access by malicious programs! Work through the sandbox!
"Some recent ransomware is said to be unaffected by the whitelist method. Wouldn't we be helpless then?"
'Fileless Magniber ransomware' is one such ransomware that bypasses the whitelist method. Since there is no program itself, the whitelist method of approving only authorized programs is ineffective. In 2018, one of Cyberdigm's clients was attacked by fileless Magniber ransomware!
The reason there was no significant problem despite the powerful fileless Magniber attack is that the original file stored on the server is not directly modified during work! Cyberdigm's document centralization solution creates a virtual secure area called a sandbox when working on documents stored on the central server, and instead of directly modifying the original file, it modifies a proxy file and then uploads it to the server. Even the latest ransomware cannot directly work on the original files in the server, so documents stored on the central server can be perfectly protected!
What if it gets infected? Easily restore through version control!
"What if ransomware infects the document being worked on in the sandbox area?"
As mentioned above, when working on documents stored on the server, the modifications are made in a virtual area as a proxy file and then uploaded to the server. The worked-on document is saved as a new version. Therefore, if a document is infected with ransomware, you can resolve it by deleting the infected document and restoring the previous version using the version control feature! I thought the version control feature was necessary for document record management, like checking the latest work version or reviewing past records, but it can also be used for file recovery! Isn't that amazing!