Fighting Ransomware with Safehouse

Let’s face it: We’re losing the fight against hackers penetrating our networks with data-encrypting ransomware. Hackers hold our data hostage, demanding outrageous ransoms to be paid in bitcoin, or else your data will be deleted  or worse  shared to millions on social and public websites.

Why are we losing the ransomware battle?

There are many technical reasons why, but the primary reasons are quite simple. Firstly, traditional anti-virus programs and software applications depend on a constant stream of updates to keep your network protected. Just like a vaccine, updates are typically in response to a threat that has already happened. Ensuring that updates are applied effectively has proven woefully inadequate to protect our data.

Second, advances in ransomware and virus technology have made it easier for non-technical criminals to deploy attacks. Criminals can now download a ransomware package from the dark web and deploy it just as easily as we download a movie on Netflix.

Lastly, criminals have realized that ransomware is highly profitable with little risk of getting caught. One small business ransom payout could be worth thousands of dollars.

It is no wonder that according to Bitdefender’s Mid-Year Threat Landscape Report 2020 ransomware attacks have increased 715% year-over-year. With the growth of work from home due to COVID-19, we may see this rise even more in the coming months.

There’s a better way to fight ransomware

Organizations that manage highly sensitive data or sites like militaries and nuclear power plants have long recognized that the only way they can fully protect their data is by using a technique called air-gapping. In effect, air-gapping disconnects data from the network so it cannot be physically connected to or accessed.

This fool-proof method (although researcher Mordechai Guri showed no method is truly fool-proof!) unfortunately has a few major drawbacks when used on a typical home or business network. Most notable is that you need to manually disconnect and reconnect the drive from the network. This may work for backing up some data that you don’t intend to access on regular basis. However, for data that’s actively used and/or shared on the network, it’s just not practical.

Is there a way we can provide the benefits of air-gapping without the hassle and inconvenience of physically disconnect the data? Rewind to late 2019, our WiebeTech digital forensics engineering team was challenged with this very question. That’s when they came up with Safehouse.

Safehouse is the easiest and best way to enjoy the benefits of hardware-based air-gapping without the inconvenience of having to constantly connect and disconnect a storage drive from your computer.

Creating a ransomware-proof backup

At WiebeTech, we’ve developed a patented technology called writeblocking that ensures data collected from storage media like external drives are protected from any modifications from the host computer.

Safehouse uses this same technology to protect your data by blocking any access to that data unless you’re accessing the data with a trusted application. All other applications (including viruses) are blocked and the circuitry disconnects the storage device from the host computer.

This hardware-based approach is done without the need for any special software or updates to ensure protection. The key to ensuring that your data remains electrically disconnected from your computer is assigning a trusted application that the system recognizes as trusted to reconnect.

For our first implementation of Safehouse, we’ve partnered with NovaBackup to use their award-winning backup application as the trusted application in conjunction with our ioSafe Duo to create what we believe is the perfect fire, water, and ransomware-proof backup solution for small businesses, individuals, and teams.

Although this product isn’t ready for general sale yet, we’re interested in your feedback. Are you a security professional that would like to take Safehouse for a test drive? A backup or disaster recovery solutions developer or provider looking for a hardware-based solution looking to increase your ability to protect data? We’d like to hear from you! Email us at safehouse@iosafe.com to apply to join our beta test.

 

Originally published Oct 14 2020, updated Oct 14 2020

Robin Wessel

Robin Wessel

Executive Vice President, CDSG

Robin has overall responsibility for organizing the development of the strategic direction of CDSG, ioSafe’s parent company, as well leading the sales, marketing, and engineering organizations. During his free time, Robin enjoys cycling, skiing, and kite surfing in the great Pacific Northwest.

Related Blog Posts