
Can I use Ransomware virus as data theft prevention?

Hi, the idea behind ransomware as data theft prevention is that I found it's so hard to decrypt data that got infected by ransomware.

That gave me the idea to weaponize the ransomware virus and use the encryption feature for my benefit.

So the idea is, if someone manages to gain access to your critical data, the ransomware virus will be activated.

Let's say someone stole your laptop. Then they managed to bypass the password, or simply plugged your laptop drive into another PC. Then, when it's a PC other than your laptop, or your laptop password is compromised, some auto script will run the ransomware virus, and it will infect the drive automatically. So your data will be safe (because no one can access it, hopefully).

Is this idea feasible or not?


It would be easier to just use full disk encryption, which would achieve the same thing (as that's really what ransomware is doing). Or use encrypted containers if you only want some data encrypted.

 

EDIT: This is essentially what things like Bitlocker are designed for. Rather than using ransomware to protect your data, ransomware is using technology designed to protect data to hold it ransom.


Just use BitLocker or VeraCrypt...

CPU: AMD Ryzen 3700x / GPU: Asus Radeon RX 6750XT OC 12GB / RAM: Corsair Vengeance LPX 2x8GB DDR4-3200
MOBO: MSI B450m Gaming Plus / NVME: Corsair MP510 240GB / Case: TT Core v21 / PSU: Seasonic 750W / OS: Win 10 Pro


Like @Oshino Shinobu said, BitLocker is your answer. Instead of having that over-complicated idea, simply encrypt your drives with something like BitLocker (which is free for Windows PCs from Microsoft). If a device/drive is stolen...the thief cannot access the data without the password to access the drive.

 

I have deployed BitLocker across my organisation (a school) to protect against theft as we have a lot of extremely sensitive data regarding our students and staff.

Stop and think a second, something is more than nothing.


49 minutes ago, ProngsOldGuy said:

So the idea is, if someone manages to gain access to your critical data, the ransomware virus will be activated.

Let's say someone stole your laptop. Then they managed to bypass the password, or simply plugged your laptop drive into another PC. Then, when it's a PC other than your laptop, or your laptop password is compromised, some auto script will run the ransomware virus, and it will infect the drive automatically. So your data will be safe (because no one can access it, hopefully).

Is this idea feasible or not?

Yes, it is entirely unfeasible and completely useless.

 

First of all, the virus would have to magically know when it's not you who is accessing the laptop in order to do its job. If the person managed to bypass your password or hack it, how would the virus know it's not you? Yeah, no, it wouldn't; there's no reliable way of getting it to recognize friend from foe, and if there was a false positive, it'd encrypt all your files when you're trying to work on them -- even worse! Secondly, what if the hacker, you know, booted up e.g. Linux from USB, or took the drive out and plugged into another PC? Yup, the virus wouldn't work anymore, again rendering the plan a waste of time!

Hand, n. A singular instrument worn at the end of the human arm and commonly thrust into somebody’s pocket.


The purpose of ransomware is for YOU to not access your data. It preys on people who don't do backups.

They don't care about your data.

 


+1 BitLocker

 

Asrock X670E Steel Legend - AMD 7600X(5.5Ghz) -  XFX Speedster-Zero EKWB Edition 6900XTXH 

-32GB Kingston Fury Beast 6000mhz DDR5 - WB Black 1 & 2 TB NVME -EVGA 1300W G2

Full loop 2x480mm XSPC RX Rads / Thermaltake Pacific W8 Block

 


Thank you for the information. I have found a more feasible method. I simply hook up a step-up regulator module, 3,7v to 12v, onto the SSD circuit, and put in a hidden switch, so if someone unplugs the SSD or plugs in a USB without disabling the hidden switch, it will overload the voltage and hopefully destroy the SSD and, better yet, destroy the laptop itself.

The firecracker method is another feasible idea. But I think it's too dangerous.

One of my clients is a law firm that deals with politically sensitive issues. They're at risk of getting raided by whoever is in power. So they resort to destroying any data if a government raid occurs.

I already installed a step-up regulator module into their NAS that is controlled by a wireless switch, so they can destroy the data whenever it's needed.

They used to install a small explosive in their NAS, which I removed because it's too dangerous and at the same time it's too obvious for an investigator.


10 minutes ago, ProngsOldGuy said:

Thank you for the information. I have found a more feasible method. I simply hook up a step-up regulator module, 3,7v to 12v, onto my SSD circuit, and put in a hidden switch, so if someone unplugs the SSD or plugs in a USB without disabling the hidden switch, it will overload the voltage and hopefully destroy the SSD and, better yet, destroy the laptop itself.

All you'll do is fry the fuse in the SSD, and maybe the one in the SATA controller. And there are data recovery centers for SSDs, and they can recover data from damaged SSDs, including from serious fire damage, so even if it could get damaged, it won't do anything. They can unsolder the chips and put them in another SSD with the same controller. They don't get idiots when it comes to these things, they get experts.

 

Quote

The firecracker method is another feasible idea. But I think it's too dangerous.

If you do, and the person gets hurt, even though he is the most wanted criminal of all time, he can sue you and most likely win in most countries.

 

Quote

I already installed a step-up regulator into their NAS that is controlled by a wireless switch, so they can destroy the data whenever it's needed.

You know that is illegal, and he, and possibly you, could be charged with obstruction of justice and/or destroying evidence. And if the government is after your client, it would be easy for them to set new laws to set things its own way (oh you wore a white shirt... new law... people who were found to wear a white shirt at this particular time and place... life in jail! "National Security - Secret Law!")

 


Well, the best method is still the good old hammer, and crush the SSD to dust.

About obstruction of justice, I do realize that. That's why I ask them to remove the small explosive from their NAS, and try to reject some computer projects from them as much as I can.

And put backups onto the cloud, which is safer actually.
