ownCloud Combats WannaCry, Petya & Co: Announcement of More Ransomware Protection

Posted by Evi Richard – 5. July 2017

After the current waves of attack of ransomware WannaCry in May and its successor Petya a few days ago, agitation prevails in many IT departments: How can you protect your company against these attacks, which have the potential to destroy all files?

The economic damage is now already in the billions and CIOs are under great pressure to protect companies and their users from new attacks.

“Data Belongs in the Private Enterprise Cloud“

Tobias Gerlinger, CEO of ownCloud, makes a clear recommendation to enterprises: “Company data should not be stored on the computers of the individual employees, but in a private cloud. WannaCry has affected companies in more than 150 countries, especially companies operating on a global scale, where many employees still negligently store important data on their own computers. That’s just what ransomware is waiting for.“

Prevention with File Firewalls

ownCloud already offers the possibility to filter access requests for files on an ownCloud server with the ownCloud File Firewall using tags and criteria such as IP address range, device type, file size, subnet, region, time or group membership. If these rules are violated within a connection request, access to the file is denied.

Now the EFSS vendor announces further measures for ransomware prevention: An automated configuration script initiates a “blacklisting” of the well-known ransomware file endings in the ownCloud File Firewall, whereby these infected files do not gain access to the ownCloud server.

“Over 90% of the current ransomware attacks work with a renaming of the file ending. This can be effectively prevented,” says Holger Dyroff, COO of ownCloud.

File Recovery at Your Fingertips

Furthermore, ownCloud will be delivered with a feature for ransomware protection soon.

File versioning allows a roll-back that can be carried out at the push of a button, thus an earlier, unencrypted file version can be used. Thereby, a loss of data and productivity can be effectively avoided immediately after a ransomware attack. File integrity checking based on the calculation of checksums of communication between server and desktop client eliminates transmission errors (eg bit errors) and ensures that functional versions are available on the ownCloud server at any time, which is accessible in critical cases.

Increasing Data Security and Protection Requirements to Ensure Dynamic Growth

“Important data belongs to the private cloud, under the sovereignty of the enterprise IT. Only your own cloud offers security against the increasing cyber attacks and, at the same time, effective protection against industrial espionage. More and more companies are opting for a secure on-premise EFSS solution and thus, ownCloud,“ says Gerlinger. This is also shown by the figures: ownCloud, as one of the leading EFSS vendors grew by more than 60% in the second quarter of 2017 compared to the previous year and includes large companies such as ZF Friedrichshafen, Deutsche Bahn, and Airbus among its customers. Currently, the company is targeting other data protection technologies, such as an end-to-end encryption plug-in that will be available soon.

More information can be found here: https://owncloud.com/security/