Google Drive Employs AI to Identify Ransomware

Uncategorized Mihnea


Ransomware has become an increasingly critical concern in recent times. Cybersecurity firm Mandiant disclosed that ransomware accounted for 21 percent of intrusion incidents last year. This escalating issue suggests that hackers and other malevolent entities have thrived, reaping millions from ransomware activities.

Google is striving to combat the ransomware problem with a new feature aimed at halting its spread and facilitating early detection. The company has launched an AI-driven capability for Google Drive for desktop, which identifies ransomware, pauses the syncing of compromised files, and enables users to easily restore modified files.

Google Drive for desktop is available for both Windows and Mac, with the feature accessible for both editions of the application. Nonetheless, a paid Google Workspace subscription is required to utilize the ransomware detection feature.

Ransomware functions by encrypting and locking users’ computer files, while the culprits demand payment for unlocking them.

Google states that ransomware has typically been treated as an antivirus challenge. While it is essential to prevent initial infections, Google has crafted a solution for when that primary line of defense fails.

The company has trained AI using millions of ransomware samples to identify signs of harmful file modifications. This AI-driven tool can spot attempts to encrypt or damage files, interrupting the syncing process. As described by Google, the tool establishes a “protective bubble around a user’s files.”

The ransomware detection feature in Google Drive for desktop operates automatically. Upon identifying ransomware, it suspends the syncing of compromised files and alerts users through desktop notifications and email, assisting them in restoring their files.

The purpose of the tool is to inhibit the dissemination of affected files to other users and devices within an organization. Ransomware seeks to extort money from users in exchange for file access. If the Google Drive for desktop tool allows users to revert affected files to their original condition, the attackers’ objectives are obstructed, even if a device is infected.