Cyber (Photo: ShutterStock)
The attack, called ransomware, has become a global plague. Agencies like the City of Baltimore, or more recently the Dallas Police Department, have found themselves under attack that encrypted the information on their computers, deprived them of the ability to work and caused millions of dollars in damage. As unpleasant as it may be for a large body, when you are a small business or simply an individual, the business can be much more unpleasant. Although the practice is not recommended, many prefer to pay hijackers to get their information back. But because you're dealing with criminals, no one guarantees you that even if you pay, you'll get your information back.
The business has become so attractive to criminal elements that there has been real competition between attackers who use ransomware to extort unsuspecting victims. And it is precisely this unhealthy competition that is being exploited by the Israeli company CyberArk, which announced today (Monday) a free tool it has developed that can return your valuable information taken hostage.
Although the practice is not recommended, many prefer to pay hijackers to get their data back (Photo: GettyImages)
It turns out that in order to gain speed in attacks, some attackers simply "overlap" with encryption or use intermittent encryption, which encrypts only fragments of infected files and leaves parts of the original file visible, not encrypted. From the point of view of the simple user, it does not matter, because for that matter, Word or other software did not know how to read a file that was only partially encrypted, so access to the file from the victim's point of view is still prevented. But CyberArk takes advantage of this situation, and their new tool, White Phoenix, can recover the encrypted parts from the unencrypted footage, thus countering the ransomware attack and restoring access to your files - without having to pay the hijackers.
"We have encountered many cases where victims of ransomware attacks have been unable to recover information, even in cases where they have paid the ransom. So we wanted to find a solution as general as possible that could help as many victims as possible. White Phoenix provides a partial solution against many different ransomware groups, and can help various victims, including attacked organizations that can take the tool and use it alone and for free," said researchers Ari Novick and Amir Landau of CyberArk Labs.
White Phoenix currently supports PDF documents and partially Office documents, but it has been released as open source and they hope the community will expand its capabilities to include media files and others.
- technology
- Privacy & Security
Tags
- Cyber