A. Technical Field
This invention relates generally to data encryption and more particularly to data encryption for prevention of malware attacks designed to access user data.
B. Background of the Invention
There are many malware programs that attack user data and more and more malware programs are created every day. The current solutions to the malware are insufficient.
There are several different types of malware that attack user data, for example, zero day attacks, rootkit, and anti-malware disabler that cannot be prevented by existing anti-malware solutions. Attackers use existing exploits to penetrate into the organization network or create custom and targeted malware often with zero-day exploits. Attackers also establish a permanent, undetectable presence in the system and progressively inject more malware to continually access and extract new data.
Malware attackers intent is to steal sensitive data from their targeted organizations in specific sectors like the government, finance and manufacturing. The attackers use their vast resources to establish the back door that enables them to gain entry into the company network unnoticed.
The attackers are remarkably persistent in their efforts to circumvent existing defenses and stealthy tactics in order to maintain an ongoing and undetected corporate network access. They demonstrate good situational awareness by evaluating defenders' responses, relentlessly rewriting the code and then escalating their attack techniques accordingly.
One ploy often used by attackers is to lure a victim to click on a links which appear to be social networking links, but instead actually install the malicious malware onto a victim's computer. Once the malware has been installed, the attacker can gain access to the victim's data including sensitive information that can be used for identity theft or to access other sensitive data. Most of the time the victim is not even aware of the attack. In some instances the malicious malware installed even disables the victim's safeguards such as anti-virus or anti-malware software or an intrusion detection system.
In summary, what is needed is an anti-malware solution that protects a victim's data from the malware attacker such that the attacker cannot have access to the victim's sensitive information.