Google Just Turned On Ransomware Armor for Paying Drive Users 

Google has flipped the switch on its AI-powered ransomware detection for all paying Google Drive users, automatically protecting cloud files from encryption attacks. The feature, now live by default, halts syncing when suspicious activity is detected and guides users through recovery 

Key Takeaways

• Google's AI-driven ransomware detection is now enabled by default for all paid Google Workspace plans
• The system pauses file syncing when ransomware is suspected, protecting cloud-stored files
• Paying users get automatic alerts and step-by-step recovery tools
• Admins can disable the feature but must update desktop apps for full protection
• Google claims its updated AI model catches 14x more ransomware than during beta

In This Article

• Ransomware Detection: Google
• How Google
• Who Gets This Protection 
• Cloud Rivals Step Up Their Game

Ransomware Detection: Google

In a major security upgrade, Google has silently activated its AI-powered ransomware detection feature for all paying Google Drive customers. What was once a beta experiment is now a standard shield protecting businesses, schools, and professionals who rely on Drive for file storage and collaboration.

• The feature scans files as they sync from desktops to the cloud, looking for signs of ransomware encryption
• If malicious patterns are spotted, syncing stops immediately to prevent infected files from overwriting clean versions in the cloud
• This doesn't save the local machine, but it keeps your cloud backups intact 

How Google

At the heart of this defense is an advanced AI model trained to recognize the digital fingerprints of ransomware 

• When a file starts behaving oddly 
• Users get instant email alerts and in-app notifications, while IT admins see warnings in the Google Admin console
• After containment, Google walks users through restoring files using version history and backup tools 

Who Gets This Protection 

Google isn

• Business, Enterprise, Education, and Frontline Google Workspace subscribers are automatically protected
• Individual Google Workspace subscribers also have access, along with personal account holders for the file restoration tool
• Admins can disable the feature in the Admin console under Drive and Docs security settings
• To receive full alerts, organizations must install Google Drive for desktop version 114 or higher on employee devices 

Cloud Rivals Step Up Their Game

Google isn

• Microsoft OneDrive offers similar ransomware protection for Microsoft 365 subscribers, including detection and automated recovery
• Dropbox extends its anti-ransomware tools to Business Plus, Advanced, and Enterprise customers, or as an add-on for smaller plans
• These moves show cloud providers are treating ransomware as an inevitable threat, shifting from prevention to rapid response
• The race is on to build smarter, AI-driven defenses that act faster than human admins can react 

“Compared to when the feature was in beta, we are now able to detect even more types of ransomware encryption and are able to do it faster. Our latest AI model is detecting 14x more infections, leading to even more comprehensive protection”

— Google, Official Statement

Final Thoughts

With ransomware attacks growing more sophisticated by the day, Google

Sources & Credits

Originally reported by BleepingComputer