There are many millions of computer hard drives, from every hard drive maker, that are especially open to devastating ransomware attacks. These drives are known as a TCG Self-Encrypting Drives (SEDs). If they are not properly initialized, there can be trouble with ransomware attacks. If these are properly initialized, there is little or no danger of these ransomware attacks.
Most Solid State Drives or SSDs and many hard disk drives in laptops, desktops, and servers worldwide fall into this uninitialized category. People worldwide use these SEDs today for boot drives, USB attached storage, and server storage. Very few even know the danger.
And ransomware is not a thing of the past. It continues. An unsuspecting victim clicks on an email attachment, or something on the web, and his data is encrypted by the attacker. The attacker then demands a ransom payment to unlock his data. Nobody is safe from a successful ransomware attack. As one government official has remarked, it is not a question of “if” it is a question of “when.”
For over a decade these SED drives have been in distribution. All too often, software does not properly initialize the drives to prevent ransomware attacks. The hacker can then instantly employ the strong hardware drive encryption to encrypt the data on it. As Dr. Robert Thibadeau of DTA remarks, “Notably, even Microsoft Bitlocker often does not detect the Self-Encrypting Drive, and will use Software Bitlocker. Bitlocker then leaves the drive open to a ransomware attack that the guy didn’t expect. The same is true for virus checkers and other security software.”
The Drive Trust Alliance (DTA) has introduced a small Windows program, for free, SEDProtect.exe. This software will detect any vulnerable TCG Opal Self-Encrypting Drive connected to a computer. SEDProtect is based on DTA Open Source which can also be downloaded for inspection. See www.drivetrust.com/protect . The protection is simple and easy as typing an owner password for the drive. This need be done only once for the life of the drive.
To put these SEDs to safe use in USB Attached storage, DTA has introduced full featured software in DTA’s Personality Series of USB SEDs. The USB Personality Series includes personal, small IT shop, family, archival, and forensic drives at the same low price. They are available on Amazon under “DTA hardware encrypting.” Like SEDProtect, Personality Series USB software can also detect any other vulnerable USB drive that happens to be a TCG Opal SED, and will permit the owner to secure and manage that drive as well.
DTA urges everyone to check and protect their machines for TCG Opal SEDs. DTA (www.DriveTrust.com) has an educational and technical mission to improve the adoption of hardware-encrypting storage. Protected, the real owner of the drive can benefit from the self-encrypting drive’s amazingly strong privacy and security assurances. Unprotected, ransomware wins.