Data files securing system
Publication Date: 2018-Jan-31
The IP.com Prior Art Database
Nowadays networks are being attacked by massive ransomware infections (eg WannaCry, Petya, etc.). Every ransomware is using new method of getting into machine, but all of them use similar methods to find which file to encrypt. Our inventions solves problem of having encrypted important files during such attack.
Ransomware are scanning file systems looking for files with specific extension - .doc, .xls, .ppts, .zip, .rar, .jpeg, .mp3. etc. We are proposing to create unique file extension for every file, so they can be used by dedicated software (eg Text editor, archive explorer, image browser, itc) but ransomware will not be able to distinguish if this is important file or not. We are proposing to use few parameters, to calculate hash based on that data and change extension of a file to that hash: • MAC address of a machine • IP • file extension • file size • license of a software used for handling those files We are proposing to take that information, put them together and count hash based on that. Specific algorithm is not important in this case, it can be known MD5 or SSL. Having that information and hash counted, we will have files with long and unknown extensions on machine: My_file.doc -> My_file.12323bbh23bh2120978dfs663bc8ndnd9dn287fnf928hr2 Such extension will be unknown for ransomware, so it will not know if to encrypt such file, so it will be untouched during next attack. Software using that file will have all needed information, so it will be able to encrypt that...