NeuShield: Anti-Ransomware Innovation

The ransomware news continues to get worse with every passing month. Right now, Texas is the target, with multiple cities’ data locked down by hackers demanding $2.5 million in ransom. This is merely the latest string of such attacks. More, likely far worse incidents are on the horizon.

This is only logical. Ransomware attacks are profitable and fairly easy to perpetrate. There is little relief in sight. Existing countermeasures appear to be deficient. Insurance companies are citing the “war exclusion” in cyber policies to avoid paying ransomware claims if the attack is traced to a foreign government.

What can be done about this risk? One innovative approach that’s gaining traction is to rethink the architecture of data access. If vulnerable data makes ransomware so successful, then perhaps its time to make the data less exposed. This is what NeuShield is doing.

Marcus Chung

NeuShield is focusing on data protection, rather than systemic protection, to mitigate the ransomware threat. “Assuming the attacker can get in, and that’s a pretty good assumption these days, the best move is to make the data they target irrelevant,” explained Marcus Chung, who is on the Technical Advisory Board for NeuShield. “Let them encrypt the data they find. Fine. It’s not the data that’s actually in use. The attacker has just wasted his or her time on a worthless effort.”

The NeuShield Data Sentinel solution uses a technology they call Mirror Shielding. This provides a protective overlay for data. In the event of an attack, the original, working data is not corrupted. If ransomware succeeds in encrypting any data, it happens on the overlay. The original data is never modified by the attack. As a result, it’s comparatively easy for the end user to recover using the solution.

The protection process occurs without the need for data backups and disk I/O. It’s low overhead. “Files are protected at the file system level, at a lower level than a kernel driver,” Chung added. This also helps with accidental deletion. The solution works in tandem with exiting security solutions.



Photo Credit: lyndell23 Flickr via Compfight cc