Intel also announced at this years CES that It has entered a partnership with Israel-based Cybereason to help protect businesses against ransomware attacks. As part of the agreement, the cybersecurity company will develop new Intel "Hardware Shield protections" on the Intel Core vPro platform.
Intel is offering a developer’s kit and pre-written scripts for security vendors to use.The processors leverage data aggregated for performance improvements as a data source that security products can then tap. While ransomware makers can try to obfuscate their processes to operating system level controls, Intel reasons it’s nearly impossible to hide the processor activity required to perform bulk encryption of documents.
We've been pushing the idea of hardware-based malware protection for over thirty years, now, and so far every one of the "solutions" has been more trouble than it is worth.
I remember one early one that almost got me in BIG trouble. Not only did it *not* keep a virus from infecting the machine, but, once the machine *did* get infrected, the device actually prevented me from disinfecting it! (It was only the shareware DISKSECURE utility that got me out of trouble. http://victoria.tc.ca/int-grps/books/techrev/pcdsksec.rvw )
I recall the "Trusted Computing Platform" initiative and group. Aside from proposing that they have the power to determine who did what to a computer, *any* computer, they also basically destroyed the concept of "trusted platform," which is still something you need to know for the exam.
So, while I don't know all the details of this latest plan, I'm fairly sure they will mess it up. (And history is on my side.)
Intel unveiled new anti-ransomware capabilities for its 11th generation Core vPro processors, requiring little from security chiefs to reap the rewards. The processors leverage data aggregated for performance improvements as a data source that security products can then tap.