Google deployed on Tuesday a new AI tool in the reader for the office which, according to him, will take a break to limit the damage of the ransomware, but that will not stop attacks.
The model, available to the chocolate factory, has been “formed on millions of real world ransomware samples”, searches for signs that can indicate ransomware – such as crypt attempts or to corrupt a large number of files – then take a synchronization break from affected files, which prevents a broader propagation. Drive for Desktop is Google’s SYNC application for Windows and MacOS that keeps local stage files with cloud storage.
This desktop player then sends an e-mail alert or an office notification to the reader’s user, guiding them to restore their files via “a few clicks,” Googlers Luke Camery and Kristina Behr said in a Tuesday blog.
The recovery capacity works on “traditional software”, including Microsoft Windows and Office, added the duo. In addition, the model constantly analyzes file changes and draws the intelligence from virustotal threats, which, at least in theory, should help it detect variants of malware and unique attack behavior.
The new capacity is activated by default, but administrators can deactivate detection and catering for end users, if necessary. Administrators can also receive alerts in the administration console for any detected ransomware activity.
It is available in open beta version on Tuesday, and Google says that these detection, alert and restoration of ransomware files are included in most of the work spaces of works without additional costs. Consumers also receive restoration of files at no additional cost.
And although this represents an important additional defense layer against ransomware – which, as Camery and Behr point out prevent Ransomware attacks, which, on average cost each victim more than $ 5 million.
“The objective is to limit the damage of ransomware attacks, preventing them from spreading on the networks with this new protective layer,” said Google Workspace Security and Privacy spokesperson The register.
This layer is added to antivirus (AV) products, which should detect and then quarantined the malicious code, preventing ransomware from crossing the door. But if AV has succeeded entirely, we would not see any ransomware attack. Instead, we made the headlines of daily newspapers and an increasing number of data encryption incidents and extortion.
The new detection fueled by Google Drive “helps prevent ransomware from doing what should be most effective: corrupt important files and make them unusable,” wrote Camery and Behr.
But that will not stop the scourge entirely. ®