Method and system for countering ransomware
First Claim
1. A method for protecting processor data from ransomware in a system having a processor, an external drive, and a hardwired connection between the processor and external drive for transmitting the processor data to the external drive, said method comprising:
- interposing an open air gap switch having a normally open state in the hardwired connection to normally establish a fully open circuit in the hardwired connection preventing data transfer between the processor and external drive unless the air gap switch is in a closed state;
manually initiating an authorized data transfer of processor data from the processor to the external drive via the hardwired connection by actuating the air gap switch to a closed state; and
re-establishing the air gap in the hardwired connection after completion of an authorized data transfer by returning the air gap switch to the open state.
0 Assignments
0 Petitions
Accused Products
Abstract
Methods, systems and computer readable media are provide for protecting stored data from ransomware. In an embodiment, the data is stored in an external drive connected to the processor. The connection between the processor and external drive is interrupted (e.g., open) except during a data transfer between the processor and the external drive. Connection of the processor to the external drive, permitted for a time period specified by a user or until the transfer of data is complete, occurs in response to manual actuation of a control means interposed between the processor and external drive and optionally, an indication from the user computing system that malware has not been detected on the device. The control means may be a mechanical switch or a fingerprint authentication device.
53 Citations
23 Claims
-
1. A method for protecting processor data from ransomware in a system having a processor, an external drive, and a hardwired connection between the processor and external drive for transmitting the processor data to the external drive, said method comprising:
-
interposing an open air gap switch having a normally open state in the hardwired connection to normally establish a fully open circuit in the hardwired connection preventing data transfer between the processor and external drive unless the air gap switch is in a closed state; manually initiating an authorized data transfer of processor data from the processor to the external drive via the hardwired connection by actuating the air gap switch to a closed state; and re-establishing the air gap in the hardwired connection after completion of an authorized data transfer by returning the air gap switch to the open state. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A system for protecting processor data from ransomware comprising:
-
an external data storage drive for storing data having a hardwired connection to a processor for transmitting processor data to the external drive; and a selectively actuable interface interposed in said hardwired connection, said selectively actuable interface including a normally open air gap switch which defaults to an open state and interrupts the hardwired connection between the processor and the external data storage drive except during authorized data transfer between the processor and the external data storage drive, wherein the air gap switch reconnects the processor to the external data storage drive only in a closed state of the air gap switch, said closed state being attained only in response to manual actuation of the selectively actuable interface by a user. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23)
-
Specification