BicDroid | News | QDocSE

News | QDocSE provides data security for its customers



BicDroid QDocSE provides data security for its customers

December 16, 2020

Recently, a successful ransomware attack on Foxconn’s infrastructure in Mexico has made headlines; approximately 1200 – 1400 of their servers were encrypted with ransom, 100 GB of unencrypted files were stolen, and 20 – 30 TB of backup data were deleted. A cyber attack like this is not an isolated incident; similar incidents occur globally every so often. Once again, this calls for new types of data security solutions such as BicDroid QDocument Server Edition (QDocSE).

Deployed by a customer to protect their server data, QDocSE successfully defeated hackers when the hackers launched similar ransomware attacks on the customer at the end of May this year. With the strong protection provided by QDocSE, all illegal operations on protected data were intercepted and blocked by QDocSE in real time without affecting any services provided by the protected servers, thereby keeping data secure and avoiding business interruption and economic losses for the customer.

Table 1. Playback of defeated ransomware attacks.

The table above is extracted from the logs recorded in real time by QDocSE Central Sentry Platform (CSP) on May 28. It clearly shows how the hackers launched the defeated ransomware attacks on May 28:

  1. The hackers first tried to use the sftp-server service to illegally retrieve and download protected data. They tried 1803 times. However, each and every time they were defeated by QDocSE.
  2. The hackers then tried to disguise as a legitimate program, using the tar command, to compress and encrypt protected data for ransom. They tried 130 times. Again, each and every time they were defeated by QDocSE.
  3. Without giving up, the hackers then attempted to disguise as a legitimate program, using the cp command, to copy the protected data. They tried 33 times. Again, each and every time they were defeated by QDocSE.
  4. Finally, the frustrated hackers puzzled over what kind of data it is. They attempted to check the attributes of the data files, but were blocked by QDocSE again.

The hackers left in vain without getting anything and without knowing anything.

Why QDocSE is so effective

Built upon the pioneering technology dubbed "cryptographic partition for data self-protection", QDocSE consists of secure OS kernel modules acting as a data sentry, a SE Console, a SE Service, and a connected CSP, providing reliable and effective protections for data on various servers.

Cryptographic partition for data self-protection is designed to solve the security problems for data-in-use and data-in-transit on servers and endpoints in a network environment with unknown vulnerabilities, unknown backdoors, as well as unknown threats. By applying advanced cryptographic techniques to enhance the security of an operating system, cryptographic partition for data self-protection (1) builds a secure, unbroken, and invincible chain to connect CSP, authorized programs, respective DLLs or SOs, configuration/script files, input variables, processes, memory, and encrypted data, and (2) carves out dynamically and on demand, from the system execution environment, a quarantined secure work space for data activities to take place, keeping looming threats at bay.

For more information on BicDroid QDocSE, click here.