System for blocking a ransomware attack
Abstract
Provided is a system for blocking a phishing attack including a phishing attack prevention storage device, and an agent program which is installed in a user terminal or a service server and performs an interworking operation with the phishing attack prevention storage device when the user terminal or the service server is connected with the phishing attack prevention storage device via a network. According to the embodiment of the present invention, when there is an open request for the file stored in the phishing attack prevention storage device from the user terminal or the service server, the phishing attack prevention storage device may check a storage operation mode and create a fake file other than the open-requested original file when the storage operation mode corresponds to a list-only mode to return the fake file to the user terminal or the service server.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1 . A system for blocking a ransomware attack as a system for a server for blocking a ransomware attack comprising:
a backup storage device which has a purpose for backing up the stored data in a server as a separate storage device which is physically independent from the server and includes a communication interface to enable a communication access to the server; and a service agent which is installed in the server to mediate the communication with the backup storage device, wherein while the backup storage device is storage-mounted on the server, after the data backup to the backup storage device for the storage data in the server is performed, when there is the lock command for the backup data backed up in the backup storage device, the backup storage device locks the corresponding backup data according to the lock command to process the locked backup data to be provided only in an uncorrectable read-only mode.
2 . The system for blocking the ransomware attack of claim 1 , wherein the data backup to the backup storage device is processed only when the backup command for the storage data in the server is made, and when the service agent transmits the backup command received to the server to the backup storage device and the backup storage device backs up the corresponding storage data according to the received backup command.
3 . The system for blocking the ransomware attack of claim 1 , wherein when the data correction command received from the server is transmitted from the service agent, the backup storage device confirms whether target data of the data correction command relates to the locked backup data, and when the target data is confirmed as the data correction command for the locked backup data, the backup storage device rejects the corresponding data correction command.
4 . The system for blocking the ransomware attack of claim 3 , wherein when the target data of the data correction command is the locked backup data, even in the case where the locked backup data is storage-mounted on a different storage device from the server, the backup storage device rejects the data correction command for the corresponding backup data received from the different storage device and processes the corresponding backup data to be provided only in the read-only mode.
5 . The system for blocking the ransomware attack of claim 1 , wherein the backup storage device includes a hardware switch or a software switch for unlocking the locked state set in the backup data, and
even in the case where the unlock command for the locked backup data is transmitted through the service agent, when switching to the unlocked state is not performed through an operating switching of the hardware switch or the software switch, the unlock command is rejected.
6 . The system for blocking the ransomware attack of claim 5 , wherein when the switching to the unlocked state is performed by the hardware switch or the software switch, the backup storage device releases the read-only mode for the backup data according to the locked state to switch the corresponding backup data into a data correctable state.
7 . The system for blocking the ransomware attack of claim 6 , wherein the switching to the unlocked state is able to select any one of a batch unlock mode performed for the entire backup data in the backup storage device and a selective unlock mode performed only for the requested backup data.Join the waitlist — get patent alerts
Track US2023132303A1 — get alerts on status changes and closely related new filings.
We store only your email — no account needed. See our privacy policy.