There is disclosed in one example a ransomware mitigation engine, including: a processor; a convolutional neural network configured to provide file type identification (FTI) services including: identifying an access operation of a file as a write to the file or newly creating the file; computing a byte correlation factor for the file; classifying the file as belonging to a file type; determining with a screening confidence that the file type is correct for the file; determining that the screening confidence is below a screening confidence threshold; and circuitry and logic to provide heuristic analysis including: receiving notification that the confidence is below the confidence threshold; performing a statistical analysis of the file to determine a difference between an expected value and a computed value; determining from the difference, with a detection confidence, that the file has been compromised; and identifying the file as having been compromised by a ransomware attack.

An information handling system includes a host processing system, first and second data storage devices having respective first and second data storage capacities, and a license manager. The license manager implements a first license, receives a second license, and implements the second license without rebooting the information handling system. The first license defines a first configuration where the first data storage device is visible and the first data storage capacity is available to the host processing system, and the second data storage device is not visible and the second data storage capacity is not available to the host processing system. The second license defines a second configuration where both data storage devices are and both data storage capacities are available to the host processing system.

A nonvolatile memory device includes: a nonvolatile memory including a plurality of physical blocks; and a memory controller configured to execute an internal process of migrating data between physical blocks. The memory controller is configured to select, based on an update frequency level which is identified with respect to a logical address range from a higher-level apparatus, a physical block to be allocated to the logical address range from among the plurality of physical blocks. The memory controller is configured to determine, in the internal process, whether to set a migration destination level (an update frequency level of a migration destination physical block) to a same level as or a different level from a migration source level (an update frequency level of a migration source physical block) based on whether or not an attribute of the migration source physical block satisfies a prescribed condition.

A system and method for first changing the encryption key on a self-encrypting disk drive followed by a complete disk wipe. Either process can be separately performed, and they can be performed in any order. In fact, one embodiment of the invention, resets the symmetric key, wipes the disk a predetermined number of times with different predetermined data patterns, and then resets the key a second time. This assures that there is absolutely no way to recover the original key or to read the original plain text data, even if some of it's encrypted values remain on unallocated tracks after wiping. A user can be assured that in milliseconds after starting the wiping process, the entire disk is rendered unreadable and unrecoverable. Verifiable data can be pre-written to a device that is later read back to assure that wiping or firmware-based erase commands have worked.

A method begins by a storage unit of a dispersed storage network (DSN) executing transitioning storage of one or more groups of encoded data slices. The method continues while transitioning storage of the one or more groups of encoded data slices with the storage unit receiving a proxied data access request regarding an encoded data slice from another storage unit of the DSN. The method continues by the storage unit determining whether the other storage unit is an authentic storage unit of the DSN based on at least one of the encoded data slice, a previous version of the distributed agreement protocol, and a new version of the distributed agreement protocol. The method continues by when the other storage unit is the authentic storage unit, processing the proxied data access request to produce a data access response and sending the data access response to the other storage unit.

A method begins by a storage unit of a dispersed storage network (DSN) executing transitioning storage of one or more groups of encoded data slices. The method continues while transitioning storage of the one or more groups of encoded data slices with the storage unit receiving a proxied data access request regarding an encoded data slice from another storage unit of the DSN. The method continues by the storage unit determining whether the other storage unit is an authentic storage unit of the DSN based on at least one of the encoded data slice, a previous version of the distributed agreement protocol, and a new version of the distributed agreement protocol. The method continues by when the other storage unit is the authentic storage unit, processing the proxied data access request to produce a data access response and sending the data access response to the other storage unit.

A system and method for reclaiming select components containing rare earth metals of electronic media electronic storage devices such as hard disk drives, solid state drives and hybrid hard drives and destroying the data containing components thereof comprising first devices to loosen various components of the storage device, the components including the components containing the rare earth elements and the data containing portions. Second devices are provided for removing components from the storage device. A holding chassis receives the storage device, and moves the storage device for engagement with the first and second devices. A section is provided for destroying the data containing portion of the electric storage device when it is removed from the storage device.

A method, system and computer program product are provided for implementing block extent granularity authorization model processing in Coherent Accelerator Processor Interface (CAPI) adapters. The CAPI adapter includes an authorization table and a file system authorization function to authenticate data access for a client at an extent granularity and to prevent an application from accessing unauthorized data in the CAPI adapter. Each authorization table entry provides for the CAPI client, a CAPI client identification (ID), a CAPI server register space assigning resource ownership to the CAPI client with a CAPI set of allowed functions.

Computer-based methods, techniques, and systems for automatically protecting a storage device from unwanted alterations are provided. Example embodiments provide a Disk Access Redirection System, which includes a Redirection Driver, an Available Space Table (“AST”), a Protected Space Redirection Table (“PSRT”), and optionally an Unprotected Space Table (“UST”). The Redirection Driver is installed and registered with the computer operating system so that it can intercept storage device access requests (such as a disk read/write). When a storage access request for a read or write is sent, the request is intercepted by the Redirection Driver, transparent to the code that invokes the storage access request. The Redirection Driver uses the AST, PSRT, and optionally the UST, to allocate available storage space for redirected write requests, redirect write requests for protected areas of the storage device, and redirect read requests when the read request specifies a storage location that has been previously redirected.

Computer-based methods, techniques, and systems for automatically protecting a storage device from unwanted alterations are provided. Example embodiments provide a Disk Access Redirection System, which includes a Redirection Driver, an Available Space Table (“AST”), a Protected Space Redirection Table (“PSRT”), and optionally an Unprotected Space Table (“UST”). The Redirection Driver is installed and registered with the computer operating system so that it can intercept storage device access requests (such as a disk read/write). When a storage access request for a read or write is sent, the request is intercepted by the Redirection Driver, transparent to the code that invokes the storage access request. The Redirection Driver uses the AST, PSRT, and optionally the UST, to allocate available storage space for redirected write requests, redirect write requests for protected areas of the storage device, and redirect read requests when the read request specifies a storage location that has been previously redirected.