The new Cigent secure SSD+ can survive ransomware attacks!
According to a security firm’s announcement, they have introduced a flash drive that can effectively safeguard against ransomware attacks. The Cigent Secure SSD+ is specifically designed to prevent malware from stealing or encrypting stored data.
The flash drive is equipped with an advanced onboard processor that utilizes machine learning algorithms. It actively monitors access to the drive and automatically restricts any suspicious activity. The company asserts that this product represents a novel strategy in the battle against ransomware attacks, as it offers preventive solutions rather than reactive measures after the attack has occurred.
Tom Ricoy, the chief revenue officer at Cigent, explains that conventional endpoint detection and response (EDR) products operate on a “detect and respond” basis, meaning they only kick in after an attack has taken place. In contrast, Cigent’s new flash drive implements an automated attack prevention mechanism as close to the data as possible, directly within the storage device itself. This proactive approach ensures that attackers are effectively blocked from holding files for ransom, even if EDR has been bypassed.
The Cigent Secure SSD+ utilizes machine-learning technology to prevent ransomware attacks!
In addition to the Cigent Secure SSD+, the company also provides Secure SSD devices that secure users’ data via full-disk encryption. These devices also support multi-factor authentication. Furthermore, Cigent leverages its Data Defense Software as a Service (SaaS) to fully encrypt endpoint system data. The flash drive is compatible with the Data Defense platform, and in the event of detecting ransomware, it triggers a company-wide lockdown.
In the event of detecting ransomware, the Cigent Secure SSD+ enforces a “Shields Up” status that may result in the temporary suspension of business operations. This status requires multi-factor authentication to access files, and users are limited to read-only access with no ability to modify, encrypt, or edit. IT and security personnel can monitor drives, set policies, and manage them using the Cigent Secure SSD+. Additionally, regular users will not be able to access the protected data.
Professor Bernard Van Gastel was asked by The Register to comment on the Cigent Secure SSD+. He explains that to effectively prevent ransomware attacks, it is essential to be able to detect them accurately and have efficient measures to deal with them.
Promoted contents:
He suggests that patterns in how the drive is being used can be used to detect ransomware. For example, if all the data is being overwritten or a significant amount of data is being written to the drive in a short amount of time, this may indicate that ransomware is active. However, false positives and false negatives need to be properly calibrated to avoid locking the system down or allowing ransomware to work.
He also notes that locking the contents of the drive can prevent additional data changes, but there may already be data loss since detection is always “after the fact.”
Furthermore, Professor Van Gastel points out that the company acknowledges the possibility of false negatives in its datasheet. Although the new flash drive may not offer complete protection, it can still help mitigate the risk of ransomware attacks. However, users may need to accept the risk of system downtime due to false positives.
In addition to using the Cigent Secure SSD+, it is important to maintain a reliable backup and recovery system. While this may not completely solve the issue of ransomware attacks, it can provide some time to address the problem.
Although the Cigent Secure SSD+ is a positive step towards preventing ransomware attacks, there is still room for improvement. Nevertheless, the ransomware detection provided by the device can greatly benefit businesses.
Recommended for you:
