Hardware Enabled Ransomware Detection Added By Intel To 11th Gen vPro Chips
The 11th generation Core vPro business-class processors will come with an in-built anti-ransomware defense which will be added by Intel in partnership with Cybereason. The Threat Detection Technology (TDT) and The Hardware Shield are the two main hardware-based security improvements that are heated into Intel’s vPro platform which can further empower detection and profiling of various attack risks and ransomware that do generally affect the CPUs performance. Cybereason in a blog post stated that “The joint solution represents the first instance where PC hardware plays a direct role in ransomware defenses to better protect enterprise endpoints from costly attacks and underscores both companies’ commitment to empowering defenders by reversing the adversary advantage”.
The firmware-level attacks/hacks that mainly focus on BIOS, will be cut down as Intel’s Hardware Shield will serve securities against them and the Hardware shield being selective for the vPro. This will make sure that either the operating system is working on genuine hardware or not plus reducing the possibility of malicious code being injected by securing down the memory in BIOS, while the software will run to prevent compromising of the OS from the implanted malware. The Threat Detection Technology (TDT) of Intel distinguishes between various strange attacking patterns (constantly and continuously) like crypto mining, polymorphic malware, ransomware infections, file-less scripts, etc. Intel mentions that “The Intel PMU sits beneath applications, the OS and virtualization layers on the system and delivers a more accurate representation of active threats, system-wide. As threats are detected in real-time, Intel TDT sends a high-fidelity signal that can trigger remediation workflows in the security vendor’s code. Intel TDT issues no specialized efficacy or performance reports; rather, the data is seamlessly incorporated as a part of normal endpoint sensor reporting”.
The advancement hits because ransomware assaults detonated in numbers a year ago, energized partially by the COVID-19 pandemic, with normal payout expanding from about $84,000 in 2019 to about $233,000 in 2020. The ransomware contaminations have likewise prompted a very high increase in “Double Extortion” in which cybercriminals tend to compromise confidential information, takes a hold of the data in hope that any casualty will fulfill their ransom instead of risking their data to be revealed publicly, in this manner totally subverting the act of recuperating from information reinforcements and try not to pay ransoms. Likewise, malware attackers are progressively expanding their concentration past the working arrangement of the Operating System to the deep down layers to possibly convey boot kits and take total control of a tainted framework. A new feature in TrickBot named TrickBoot was discovered by researchers last month, that attackers can use to inject harmful code in BIOS firmware to achieve control and perform any sort of task they prefer of any of their preferred devices.
Intel’s partnership with Cybereason is being considered a great step in the direction of easy detection and removal of malwares beginning from the chip level to the last endpoint. The regarding statements were “This collaboration between Intel and Cybereason represents a best-of-breed combination of hardware, software, and security know-how that provides defenders to detect and eradicate malware from the chip-level to the endpoint to everywhere. Together, Intel and Cybereason are working to reverse the attacker’s advantage and end cyber attacks. Cybereason’s multi-layered protection, in collaboration with Intel Threat Detection Technology, will enable full-stack visibility to swiftly detect and block ransomware attacks before the data can be encrypted or exfiltrated”.
If you like this article, follow us on Twitter, Facebook, Instagram, and Linkedin.