As we blogged before, ransomwares cost consumers and businesses huge amounts of money. For 2016, the total cost is estimated to be $1 billion globally but WannaCry and its successor Petya do more than hitting headlines. One company, Reckitt Benckiser, known for Dettol cleaning products, Nurofen tablets, Durex condoms and more, warned investors it could lose $120 million in lost revenue due to the Petya attack. Danish transport and energy firm Maersk and FedEx’s delivery subsidiary TNT Express were both hit so hard they were still recovering earlier this month.
It is difficult to deal with Ransomware and while frequent backups are helpful, Nextcloud has decided to get involved in helping combat the damages of an attack. We’re proud to present you the Ransomware Protection app!
Notification of potential ransomware
Developing some protection
In the aftermath of the recent attacks, users have been asking: do public or private cloud solutions provide protection against Ransomware? To some degree, they do – these services often provide access to older versions of files and are backed up. But none really do much in pro-active terms to help. With the massive costs our users and customers see themselves confronted with, one Nextcloud developer has put together an app which helps protect users against Ransomware.
Ransomware comes in many varieties. In most cases, it encrypts user data, creating new files with a different last name and removing the older files. It also puts in place a file which contains instructions on how to get the files ‘unlocked’ again.
The Ransomware Protection app makes use of this characteristic. It detects common file names used by ransomware and responds by blocking further uploads and warning the user and administrator, who can then take action. As the sync client is constantly syncing, this should leave very little window between the last legitimate modification of user data and the malicious activity. However, if something made it through, users can still rely on the ability to restore older versions of files on the server.
protection temporary disabled.
Features and limitations
The protection offered is not complete. Some ransomware uses random filenames and very generic terms for the instruction files, thus offering little opportunity for detection and prevention. New ransomware also shows up regularly. However, an estimated 95% of the current ransomware can be caught and partially or fully stopped in its tracks and we will maintain the app, possibly adding more protection mechanisms. But, for more thorough protection, we still strongly suggest users to follow the instructions from the FBI and other cyber security organizations. Those include installing special anti-ransomware apps or using virus scanners which feature ransomware protection!
The app offers some configuration for the system administrator. New file extensions, file name patterns and instruction file names can be added or removed in response to new threats or to minimize disruption and false positives. Enterprise monitoring applications can catch the notifications in the logs while administrators also get notified in their administrator account when a user decides to ask for help.
Today, US-based file sync & share vendor Kiteworks announced their acquisition of ownCloud and Dracoon. Kiteworks points out that their customers now have access to their file-sharing application. It is to be expected they will not maintain 3 similar products, but customers will have to migrate to the US firms’ platform or look for another […]
As part of Schleswig-Holstein's state digitization strategy, the state chancellery has announced they will work with Nextcloud to develop AI for working with government documents. This comes just after we announced the first private AI assistant last weekend with Hub 6. The German state already uses Nextcloud and their AI strategy aligns with our work on ethical, local AI technologies.
Over the last year, AI has become a popular topic. Some is hype, some is substance. Some is good, some is bad. We want to give you the good, not the bad, and ignore the hype! AI has a ton of opportunity – but also risk. So we put you in control – off by […]
The serious security flaws in ownCloud (now owned by Kiteworks) do NOT affect Nextcloud. We have strict security processes in place, and do not ship test data from libraries that can cause security breaches.