IBM says their latest AI-enhanced storage platform can identify ransomware in under a...

Shawn Knight

Shawn Knight

Posts: 15,296   +192
Staff member
Forward-looking: IBM has announced a new version of its FlashCore Module storage drive along with a new version of their Storage Defender software that, combined, can improve a customer's ability to detect and react to cyber attacks or ransomware.

As IBM highlights, existing FlashSystem products already scan all incoming data as it is being written, without impacting performance. The new AI-enhanced FlashCore Module 4 (FCM) is even more advanced, continuously monitoring stats gathered from every single I/O to look for anomalies like ransomware starting to encrypt data.

In testing, the new tech was able to detect a ransomware simulator called WannaLaugh in less than a minute.

The latest version of Storage Defender, meanwhile, expands on its core threat detection capabilities. IBM said it also added workload and storage inventory management capabilities to the software to help clients assess the extent of their apps and data, which could be helpful in quickly getting back online after an attack.

While both products can make an organization more resilient to an attack, IBM says they are even better together.

As an example, IBM said a storage admin can now create protection groups with specific volumes that are automatically backed up based on user-defined policies. Immutable copies of data could then be rolled out to multiple locations following an attack, and can even be stored on another cluster for an extra layer of protection.

IBM also highlighted the ability to create Safeguarded Copy snapshots, which are resilient point-in-time copies of data that can't be edited or deleted through malicious - or accidental - actions.

Defenses like these may sound like overkill but in the corporate world, there is no such thing as being overprepared. Getting caught with your pants down is no laughing matter, especially when time is money. As we've seen time and again, ransomware attacks can bring businesses and even city services to a dead stop. With some threat actors now using AI-based attacks, the only answer is to fight fire with fire.

Permalink to story.

https://www.techspot.com/news/102067-ibm-ai-enhanced-storage-platform-can-identify-ransomware.html

 
What we really need is this soft of thing on a global scale that not only shuts down ANY hacker, but ID's them to authorities and immediately initiates an arrest and prosecution.
 
In today's computer world, 1-minute is a very long time. How much would that ransom wear be able to do in that minute?

IMO, though some are going to disagree with my opinion, somewhat along the lines of what @Uncle Al said, we need something that monitors traffic between computers and/or internet traffic that can detect and stop ransomware/malware from propagating.

This current approach of stopping it when it has already landed on a target machine is a reactive approach that, more often than not, fails. Until something is done that is effective and proactive in nature, the ransomware/malware authors are just going to consider something like this as a challenge to overcome.
 
You must log in or register to reply here.

Similar threads

midian182
A ransomware group says it has stolen almost 200GB of data from Epic Games (updated)
Replies
5
Views
171
return
return
A
Ransomware operations made more than $1 billion in 2023
Replies
1
Views
146
brucek
brucek
A
Tumblr and WordPress blogs will be exploited for AI model training
Replies
4
Views
167
Vanderlinde
V

Latest posts

Back