ShieldFS : A Tool Designed To Stop Ransomware Before Data Encryption

Latest research report shows that ransomware is attacking the computer users from the past few years and to get their encoded files back, they are asked for a ransom money to be paid in specific Bitcoin wallet addresses. There are plenty of file-encrypting viruses that are targeting not just the big organizations, but also energy infrastructure sectors, hospitals and the telecoms as well. Due to such vicious attacks, the security researchers have now developed a tool named “ShieldFS” that not only detect the presence of ransomware threats automatically before it encrypts the files stored onto it, but also recover your system data from backups. However, the creation of this anti-virus tool is not considered as a broad anti-virus platform just by its design.

ShieldFS

Meanwhile, ShieldFS utility only scans your machine for ransomware attacks and especially designed to detect the cryptographic algorithms of dangerous file-encrypting virus. It not only detects the well-known ransomware type threats, but can identify any kind of new ransomware attacks. The security experts who worked on this project says that the program is capable of detecting the ransomware attacks and to determine the process is benign or not. This software is crafted in a way that focused on reporting the file-encoder attack, instead just looking for its category and versions. ShieldFS can protect your PC from unseen versions of ransomware viruses before they turn out the most hazardous one in cyber world.

ShieldFS comes with a feature “Shadow Guard” which detects any kind of suspicious program from entering the computer system and takes it to an observation phase to check the capabilities of program and keeps a complete log about its working principles. In case, if the anti-virus concludes that the application is harmful for the system, it blocks the malicious code of the program from running and then restore everything that the malware infects from backup files. According to the researchers, they have tested ShieldFS with common ransomware types viruses like TeslaCrypt and CryptoLocker to the most hazardous one “WannaCry ransomware” that spiked in May 2017 and causes huge disruption.

One of the biggest limitaion of ShieldFS is that it can only prevent the system against the attack of traditional ransomware that scans a PC's directory and encode the files immediately stored onto it. However, the tool is not able to detect the ransomware which is responsible for locking user's computer. For instance, at the time of writing this security article, the tool cannot help the users to protect their machine from Petya variants attack that had stroked the Windows system users in Ukraine at the end of June 2017. Most important thing that you should know about ShieldFS is that it needs extensive privileges to scan all the data and activity of that computer. However, this anti-virus tool is not ready for implementing in the real world and is still only a research product.

Leave a Comment

Your email address will not be published. Required fields are marked *