Registered US & Korean Patent Technology. PCT Patent Pending.

hybridwormdisk-symbol

Registered US & Korean Patent Technology. PCT Patent Pending. 

01

Why don't existing anti-virus and behavioural detection programs protect your data against new cyber attacks?

If our PCs and servers are exposed to malware, we can not keep our data safe, as our data can be encrypted or transferred to hackers. So, to prevent our data from being compromised, a new stronger defense technology is required.

Existing anti-virus programs and behavioural detection prevention programs are not enough to protect our data. This is because they’re a software program running over the OS kernel, which means they can be stopped by malware first.

And, in case of anti-virus programs that use signature-based pattern matching algorithms, it cannot keep up with new malware that’s being released everyday.

In case of abnormal behaviour detection programs, it’s too ambiguous to define an activity as a malicious attack. If it’s to loose, then it’s vulnerable to attack. If too strict, then even normal programs can be blocked.

Furthermore, If malware threatens a level of the kernel, like SAMBA vulnerability attack, FDE (Full Disk Encryption) attack or MBR (Master Boot Record) attack, all current types of prevention programs fail to protect the data.

Also, there is a strong possibility that anti-virus and behavioural detection prevention programs could be running malware simultaneously on the same PCs. Technically, they cannot protect data from malware. To make it more secure, you can back up your data.

However, backing up your data is just a remedy and not a prevention solution.

Backing up was originally designed to recover the whole system if your system went down, not just your data.

Because of that, if you choose to only back up your data to compete with malware, it can be a very heavy solution. So, we need an effective and efficient data prevention technology.

02

What is Hybrid WORM Network Storage Technology?

Hybrid WORM Network Storage is secure data storage which protects and secures your data, even if your PC and server are already exposed to malware.

To protect your data securely, Hybrid WORM Network Storage stores your data on separate network storage, not on a local disk in your PC and server. It provides a network drive to PCs and servers like a conventional file server. However, it also has three security modes which can protect data from any kind of malware running on your PC and server. This includes military-grade encryption mode, create-read-only mode and create-list-only mode.

It supports military-grade encryption and decryption mode including AES 256 & AES 512. When data is created on the file server through network drives on PCs and servers, it stores data under encryption. And when it needs to provide a file to PCs or servers, it decrypts data in real time and sends data over SSL (Secure Socket Layer).

It also has the create-read-only mode option to prevent ransomware. Existing file servers always allow applications on PCs and servers to create, read, modify and delete files on a network drive. So, whenever applications try to modify and delete files, it always allows them to modify and delete files.

Unlike a conventional network storage, Hybrid WORM Network Storage has a create-read-only mode. Once the create-read-only mode is enabled, Hybrid WORM Network Storage works like a CD-ROM writer. It only allows an application to create and read data on that network drive except modifying and deleting.

So, even though ransomware runs on PCs and servers, they can not encrypt the data on that network drive. This is because Hybrid WORM Network Storage only allows applications to create and read the file except when modifying (or encrypting) files.

In case users or admins want to modify and delete files, Hybrid WORM Network Storage allows the designated application, like Windows file explorer, to modify and delete files on that network drive. So, users and admins can modify and delete files on that network drive but malware and any other applications cannot modify or delete files.

Not only that, but Hybrid WORM Network Storage can run as the create-list-only mode for phishing attacks. If your PCs and servers are connected to the network, you can not ensure your data won’t be transferred to the hacker’s server. Moreover, you would have no idea that your files are copied out through the network. 

Hybrid WORM Network Storage technology has a create-list-only mode. Once the create-list-only mode is enabled, this works like a CD-ROM Writer with a fake file system. 

It always allows applications to create a new file and list names of files and folders on the network drive. But it only provides a fake file when applications read that file. Only when reading a file with 2FA code or a designated application, it provides a real file to applications. Users and applications can see the list of files but can not open them. 

Instead, Hybrid WORM Network Storage provides a fake file to the PC, stating “This is a fake file, please open the file again with the right authentication code and designated application.”

If Hybrid WORM Network Storage is compared to other existing prevention methods, Hybrid WORM Network Storage is the only prevention storage solution that prevents malware.   
 
In the era of the cyber attack, your data can’t be secured using traditional protection technologies and conventional storage devices. All these technologies do not have the necessary security features to protect files from ransomware and phishing attacks. Hybrid WORM Network Storage technology protects your data from any kind of malware.
 AntiVirusBehaviour DetectionBackupHybrid
WORM Disk
Known
Ransomware
Prevention
OOOO
Prevention of new/variant
Ransomware
XOOO
Block forgery/encryption
of data (Read Mode)
XOO
Structurally separated from Operation System XXOO
Utilization of storage spaces by enabling editingXXOO
Convert existing file server to Hybrid WORM DiskXXXO

03

How does Hybrid WORM Network Storage technology work on PCs?

Hybrid WORM Network Storage can provide a network drive to PCs with a create-read-only mode. Under this mode, It only allows applications on PCs to create a new file and read a file with a read-only file attribute. Even though ransomware runs on PCs, they can not encrypt the data on that network drive. This is because it only allows any application to create and read the file except modifying (or encrypting) files.

One exception to the rule is Windows File Explorer. Hybrid WORM Network Storage allows Windows File Explorer to modify and delete files. So users can create, read, modify and delete data on a network drive with Windows File Explorer as usual.

04

How does Hybrid WORM Network Storage technology work on Servers?

Hybrid WORM Network Storage can provide a network drive to application servers with a create-read-only mode. Under this mode, It only allows applications on the server to create a new file and read a file with read-only file attribute.

Even if the Root account is compromised on the application server, the root account cannot delete or encrypt the data if that data is on the network drive provided by Hybrid WORM Network Storage. Because it only allows to create and read the file on the network drive. 

In case admins or developers want to change files on that network drive, they can modify and delete files after turning off the create-read-only mode on Hybrid WORM Network Storage. Right after changing the mode, admins or developers of the application server can update or delete files on that network drive like a conventional network drive.

05

How is Hybrid WORM Network Storage Technology Made?

​Hybrid WORM (Write Once Read Many) Network Storage Technology has been developed by FilingBox. The Filingbox team found this technology by accident while developing a network drive interfaced EDMS (Electronic Document Management System).

Existing EDMS (Electronic Document Management System) are usually difficult to use and have bad user interfaces. They normally ask the user to type in some metadata into a web-based form, which made it difficult for users to register new files to the EDMS.

To make the registration process easier for users, FilingBox has been developing the network drive interface EDMS over the last 13 years. They were looking to combine registering files to EDMS with saving files to PC’s network drive. Once a user saves a file on a network drive, FilingBox server automatically registers the file with automized metadata such as author, date, etc.

Because of the network drive interface, FilingBox runs as a file server daemon which has EDMS features such as check-out/in and versioning etc.

While continuing to develop a file server with EDMS features, one of our developers made a create-read-only file server by accident. We didn’t mean to make a ransomware prevention solution first, but that’s just what happened.

We noticed that it would be the only way to completely prevent ransomware attacks.

After finding this solution, we have focused on creating a patent and developing ransomware-proof data storage. Now, Hybrid WORM Network Storage is used in major government organizations, financial companies, and research institutions.

06

Hybrid WORM Network Storage Demo

youtube_thumbnail
Play Video