Dennis Underwood
Published on
July 15, 2022

Ransomware & File Corruption: How Does That Happen, & Who Can I Blame? (Part 4: Putting It All Together)

Here is Part 4 of our explanation of file corruption during and after ransomware attacks - Putting It All Together. Do you think having a stronger security program increases or decreases the chance of having file corruption? Find out! (and how to remove the issue altogether...)

As a company's security investment increases, we do see an almost linear progression from IT team, to security team, to security automation affecting file corruption. That is, assuming the ransomware was caught to begin with; again, no stopping the ransomware, means no file corruption. Instead of stating there is more or less file corruption, it is best to just say it is more unpredictable, aka, "messy", as a company's capabilities increase. It really comes down to the positioning and capabilities of the attackers and defenders, and how they line up. The dynamic is such that, the amount of file corruption, assuming you catch them, is up to the maturity and effort of the ransomware attacker, not the defender.

We spent quite a few late nights devising a solution in which does not corrupt files. This is true whether fully automated millisecond automation is not turned on (in which normally there are 0 files encrypted), or the admin configures our tool to require a user to approve response (normally some files will be encrypted, since human response is much slower than automated machine response).

However, for folks who are not Ransomware Rewind customers, we predict that file corruption will increase.

Looking to prevent downtime with ransomware, including file corruption? Check out this demo video we made. Got a sample of ransomware you want us to test? We love doing demos!

About the author
Dennis Underwood

Dennis Underwood is a veteran, cybersecurity leader, inventor, and entrepreneur with over 20 years of experience. He is an expert at cryptography, intrusion discovery and analysis, having discovered multiple previously unreported intrusions to clients throughout his career. Currently, he is leading a team of like-minded experts delivering next generation intrusion discovery and ransomware response automation tools to consumers.

Start a free trial today

Sign up for Cyber Crucible today to protect your system against ransomware extortion.

Create an account