This is a post series on cyber crime. For more posts click here or the cybercrime tag below.
When you lived or ran a shop in NYC back in the days before the Giuliani administration, you had to take special measures to protect your home or business. You put multiple locks on the doors and you put steel grates or panels over the windows and doors of your business. All because nobody was enforcing the laws back then.
Well, the internet is sort of going the same way with malware and ransomware, so the same sort of enhanced security is going to be needed. Especially with ransomware, there is a need for software that goes beyond the typical antivirus or malware app that you have now.
I have some ideas. This is software that could enhance the safety of your files and prevent the ransomware from trashing everything.
- Software that makes a designated drive hidden or locked so that it’s only visible to authorized software. This could be used as a floating backup or directly by applications. The key thing is that it cannot be directly accessed by an unauthorized app. The software could be sold with a removable drive as backup protection.
- An OS tool that monitors the number of reads/writes that an app does and, if it reads and rewrites too many files, aborts the process and asks the user to validate the process, with an internet check of the process’s bona fides.
- An app that makes it easy to set file extensions and allows the user to either set custom file extensions for common software, changing the defaults of, say, MS Word or Excel, or apply random extensions. Ransomware uses the file extensions to determine which files to encrypt, to avoid trashing the machine the malware is running on. It won’t encrypt files that it can’t see.
- An app that allows the user to limit the accessibility of drives and folders. Unix used to have this built in and it was a useful tool for protecting files.
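
The read/rewrite monitor from the second idea above, as an added example that is not code from the original post: it counts the distinct files a process has read and then rewritten inside a sliding time window and holds the process for user validation once a limit is passed. The class and function names, the window and limit values, and the event list are all assumptions constructed for illustration; the `approved` set stands in for the user validation and internet bona fides check.

```python
from collections import defaultdict, deque

class RewriteMonitor:
    """Holds a process that reads and then rewrites too many distinct files in a short window."""

    def __init__(self, window=30, limit=5, approved=()):
        self.window = window                # seconds of history to consider (assumed value)
        self.limit = limit                  # distinct rewritten files tolerated per window (assumed)
        self.approved = set(approved)       # process names the user has already validated
        self.read_paths = defaultdict(set)  # pid -> paths the process has read
        self.rewrites = defaultdict(deque)  # pid -> (timestamp, path) of recent rewrites
        self.held = {}                      # pid -> timestamp at which it was held

    def observe(self, ts, pid, name, op, path):
        """Feed one file event; return True if it causes the process to be held."""
        if pid in self.held or name in self.approved:
            return False
        if op == "read":
            self.read_paths[pid].add(path)
            return False
        if op != "write" or path not in self.read_paths[pid]:
            return False                    # writing a brand-new file is not a rewrite
        recent = self.rewrites[pid]
        recent.append((ts, path))
        while ts - recent[0][0] > self.window:
            recent.popleft()                # forget rewrites older than the window
        if len({p for _, p in recent}) > self.limit:
            self.held[pid] = ts             # a real tool would suspend the process and prompt the user
            return True
        return False

def held_processes(events, **settings):
    """Run the monitor over an event list and return {pid: time held}."""
    monitor = RewriteMonitor(**settings)
    for event in events:
        monitor.observe(*event)
    return monitor.held

# Constructed sample events: (timestamp, pid, process name, operation, path)
SAMPLE_EVENTS = [(0, 100, "editor", "read", "/docs/report.docx")]
SAMPLE_EVENTS += [(t, 100, "editor", "write", "/docs/report.docx") for t in range(5, 55, 5)]  # autosave
for i in range(8):
    # pid 200 reads and rewrites eight different documents within 16 seconds
    SAMPLE_EVENTS += [(2 * i, 200, "unknown", "read", f"/docs/file{i}.docx"),
                      (2 * i + 1, 200, "unknown", "write", f"/docs/file{i}.docx")]
    # pid 300 touches the same number of files, but one per minute
    SAMPLE_EVENTS += [(60 * i, 300, "slowjob", "read", f"/data/set{i}.csv"),
                      (60 * i + 1, 300, "slowjob", "write", f"/data/set{i}.csv")]

if __name__ == "__main__":
    print(held_processes(SAMPLE_EVENTS))
```

Counting distinct files rather than raw writes keeps an editor that autosaves one document from tripping the limit, and the window keeps a slow batch job from being held.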
That’s it for now. These are just some ideas off the top of my head, but I’ve done a little thinking about how to do most of them. I don’t have the resources to pursue actually coding what I want, but if it doesn’t look like somebody else is working on stuff like this I may change my mind.
That’s it for this week. Here’s the week in ransomware.