
BicDroid QDocSE Blocks Attacks From HermeticWiper on Data
March 8, 2022
Waterloo, ON - The day before Russia’s military attack against Ukraine, new destructive malware now called HermeticWiper was unleased against organizations in Ukraine to destroy computer systems and render them inoperable. The list of victim organizations includes major Ukrainian government departments and banks. The number of attacked computers is in hundreds.
HermeticWiper is destructive. It bypasses Windows security features and gains write access to many low-level data-structures on the disk. It then damages the Master Boot Record (MBR), fragments files on disk, and destroys them, rendering the attacked computers inoperable and also making data recovery impossible. HermeticWiper on Windows can be ported and adapted to Linux systems as well.
As the US Cybersecurity and Infrastructure Security Agency warned, "Destructive malware can present a direct threat to an organization's daily operations, impacting the availability of critical assets and data. Further disruptive cyberattacks against organizations in Ukraine are likely to occur and may unintentionally spill over to organizations in other countries."
For organizations who are concerned with HermeticWiper and other similar attacks, the good news is that BicDroid QDocSE blocks attacks from HermeticWiper and others on data in real time. Building on a leading data-centric security model, BicDroid QDocSE protects data in real time within a dynamic threat environment. The data protected by QDocSE can be in any form including financial, legal, engineering, PII, etc. The key files needed to boot a computer system and run it are also protected. Protection means that malware cannot access, modify or delete the data.
The philosophy at BicDroid is that "it's not if someone breaks into your system and gets its full administrative privileges, but when they will do so". The question is then how to protect your data in real time whenever a gang breaks into your system with full administrative privileges. To answer this challenge, BicDroid QDocSE establishes an end-to-end seamless cryptographically secure chain to enhance the operating system security, regulates which programs can access your very important data, continuously monitors authorized programs and their libraries, protects the memory and stack of authenticated and authorized processes, ensures malware is not injected into authorized programs, libraries, and processes, and automatically encrypts data for protection. QDocSE also protects itself by making it impossible for attackers to turn QDocSE off or change its configuration even if they are the administrator. The end result is that data including key system data is protected at rest, in use and in motion within the system. With QDocSE installed, if and when a gang breaks into your system with full administrative privileges, it's like having a robber walk into your house but that robber can't touch or take anything.
For more information about cyber attacks and QDocSE, contact BicDroid by email or visit here.