Experts found new way to combat ransomware and recover files without paying ransom

Ransomware has become one of the most common threats in the information security world, as mentioned by website security audits specialists. Recently, Chance Coats, Xiaohao Wang and Jian Huang, members of a group of researchers from the University of Illinois, published an investigation in which they expose the idea of using a computer’s basic storage devices to protect the files and avoid paying the ransom of a cyberattack.

“It is possible to use for user protection the features of the flash-based storage available on almost all computer equipment nowadays”, researchers mention. “The main objective is to devise a method of protection against ransomware attacks, in which hackers encrypt the information of the user and then demand a rescue to restore it”.

According to website security audits specialists, the flash-based solid state units mentioned by experts are part of the storage systems of most modern equipment. When you modify a file on your computer, the solid state disk saves the most recent version to a new location, rather than deleting the previous version immediately; there’s the key to fight ransomware attacks.

In case of infection, there is a way to return to the previous versions of the file thanks to a tool designed by the investigators. The tool is still in development, so at least for now there may be some drawbacks.

“When you want to write new data, it must be saved to a free block or to a block that has already been deleted”, the website security audits said. “A solid state drive removes older versions in an effort to clear blocks in advance, but since our drive keeps old versions intentionally, you may have to move previous versions before typing new”.

This is a drawback between the deleted files retention duration and the performance of the storage system. If this tool was configured to hold data for too long, older versions that are not needed will remain in the system and will occupy storage space.

The more old versions of the files are retained in the system, the longer it takes to respond to regular storage requests, so it will decrease performance. On the other hand, if the file retention lapse is too short, all files may not be saved, which will serve as backup in the event of a malware attack.

In any case, specialists from the International Institute of Cyber Security (IICS) mention that this approach to combat ransomware has attracted the attention of some of the most important technology and security firms in the world, so experts are expected to soon find the support needed to boost their research.