IBM's new AI-enabled SSDs identify and eradicate ransomware in under a minute

IBM render from original blog post, showcasing a security system that's a perfect fit for this tech.
IBM render from original blog post, showcasing a security system that's a perfect fit for this tech. (Image credit: IBM)

Yesterday, IBM released a blog post detailing its technology for AI-enhanced protection against malware including ransomware on its SSDs, the fourth generation of IBM's FlashCore Module (FCM) technology. As detailed by them, the latest revision of FCM (FCM4) now supports artificial intelligence, but applied for the purpose of detecting and responding to cybersecurity threats as they arise.

Previous generations of FCM are already capable of scanning all incoming data without impacting performance, but lack the enhanced features of AI. FCM4 monitors statistics for every single I/O operation, and uses machine learning to detect threats like ransomware in under a minute.

This approach from IBM joins the likes of other self-protecting SSD storage. For example those made by Cigent and Phison and other, more performance-intensive hardware protection methods. 

Focusing on IBM's solutions, though, let's talk about more than just threat detection. By measuring data parameters like compressibility, randomness and entropy, the IBM Storage Insights software can alert users to an anomaly. The FCM4 technology gathers real-time IO data which machine learning models use to determine a threat.  By integrating FCM with IBM's Storage Defender Software, IBM can leverage AI detection and data recovery operations on both the software side and the hardware side.

Of course, making the most of these technologies and their assorted backup, restore, and protection features is currently limited to high-end applications. While day-to-day SSDs may one day see protection like this, IBM's FCM technology and corresponding software is targeted squarely at enterprise and professional users, particularly ones needing to deal with high-sensitivity or confidential information.

By dramatically increasing the speed at which ransomware and other malicious activities can be detected, removed, and repaired from storage, IBM has shown that machine learning AI actually can be the ideal choice for some workloads. 

While the ethics and morals of "generative AI" in art, music and literature are quite rightly being debated, the use of AI in this application means better security for enterprise users. Even the most seasoned IT security pros would be hard-pressed to detect and start reversing a ransomware attack within a single minute, but a job like that might actually be perfect for these ever-evolving machine learning models.

  • garrett040
    Yea thats what i want, ai in my ssd that can hallucinate a virus and delete my data, perfect.
    Reply
  • jeremyj_83
    garrett040 said:
    Yea thats what i want, ai in my ssd that can hallucinate a virus and delete my data, perfect.
    I'd rather have that happen in an enterprise environment than ransomware. There are ways to recover lost data quite easily. Recovering from ransomware can take a long time and be excessively expensive.
    Reply
  • TheyCallMeContra
    garrett040 said:
    Yea thats what i want, ai in my ssd that can hallucinate a virus and delete my data, perfect.

    Trust me, friend: this piece pre-editing was even less kind to "generative AI" than you're being right now. However, these are very different applications of the technology— something that truly only helps people, not some automated tool for trying to skip the work involved in creating anything meaningful. There is no reason to expect this to "hallucinate a virus", particularly not with IBM's pedigree in mind.
    Reply
  • kyzarvs
    Having survived a customers' ransomware attack with a 15-second command, I'm going to say just use version control? Nextcloud / 1Drive / Google / Alfresco have all supported it for years. "Oh no, everything has been encrypted" = clean the virus off the infected machine then roll all affected files (easily identifiable by date / time altered) back by one version. Sounds like a way to make SSD's more expensive so they do a job that's already under control elsewhere.
    Reply
  • TheyCallMeContra
    kyzarvs said:
    Having survived a customers' ransomware attack with a 15-second command, I'm going to say just use version control? Nextcloud / 1Drive / Google / Alfresco have all supported it for years. "Oh no, everything has been encrypted" = clean the virus off the infected machine then roll all affected files (easily identifiable by date / time altered) back by one version. Sounds like a way to make SSD's more expensive so they do a job that's already under control elsewhere.

    Fair point, though I don't think anybody's arguing this is somehow the only way to solve the problem. I certainly didn't mean to imply as such. That said, automating the process you describe would ideally free up time for IT staff to be put to work elsewhere. And IBM's software solution also seems to be quite capable of version control.
    Reply
  • Sleepy_Hollowed
    Ah, yes, how will this prevent data loss from actual enterprise software encryption, for example?

    No thanks.
    Reply
  • Findecanor
    Intuitively, this felt a bit weird at first. However, after reading the previous article about AI-driven disk protection, I think it made more sense.
    Organisations are often very bad at protecting against ransomware attack, but when they succeed, it is not just the organisation itself that is affected.

    Technically seems to me somewhat like a versioning system, below the file system. But how well would it interact with an actual versioning file system?
    Reply
  • Zaranthos
    Let the AI arms race begin. AI powered defensive tools, AI powered malware, AI powered viruses, AI powered tech support, and AI powered therapists to smooth it all over when it goes wrong. Haha. It will get interesting. Ultimately I expect technology will leap forward quite a bit as humans continue to decline in health and skill. We can continue to binge more Netflix, eat more junk food, spend more time indoors, and let AI do its best to prolong our rapid decline into poor health. At least the people who don't figure out we're being played by captured institutions looking out for corporate profit more than our actual health and well being. Not even a pessimistic view, just an honest view of what's actually happening as technology advances, life expectancy declines, fertility rates decline, and modern diseases get worse faster than medical technology can apply big pharma band-aids at taxpayer expense.
    Reply
  • HaninTH
    Is this any worse that SMART and sector relocation on spinners? This might even extend the service life of spinners and SSDs as they're able to detect issues that would affect device longevity long before the user detects it. That is not what this particular iteration appears to be set for, but it is not a far stretch to include them or change the priority of the scheme to focus on it.

    "Intelligence" as a protection mechanism can and should be part and parcel of any device/system meant to be resilient and reliable. My question is, how does this fit in to the Scheduled Obsolesce that everything seems to be going through?
    Reply
  • NinoPino
    garrett040 said:
    Yea thats what i want, ai in my ssd that can hallucinate a virus and delete my data, perfect.
    You can say everything of IBM but not that their systems are unreliable. I bet with such systems you not loose a single bit.
    Reply