Latch ARW is a tool that adds a layer of authorization in Windows systems on “protected” folders so that any write or delete operation of the files is denied.
In recent years there has been a rise of Ransomware attacks. According to Wikipedia, “A ransomware is a type of malicious software that restricts access to certain parts or files of the infected system and asks for a ransom in exchange for removing this restriction. Some types of ransomware encrypt the operating system files disabling the device and coercing the user to pay the ransom.”
Latch ARW is a tool that adds a layer of authorization in Windows systems on “protected” folders in addition to the existing permissions of the operating system, so that any write or delete operation of the files is denied. The authorization in this case relies on Latch instances for each folder. That is, we will not be able to modify or delete any files in these folders if the Latch associated is closed.
If a folder is protected with Latch ARW, any write or delete access will be consulted to the Latch servers, the owner of the mobile phone will receive a notification through the Latch Apps, and they will be able to open Latch if any changes were necessary.
This system allows proactively to protect files from hijacking by a ransomware or any other malware. The tool allows the user to open files in read mode for their viewing, copying, etc.
Latch ARW works as a Windows driver in kernel mode that monitors I/ O operations to identify if they occur on a protected folder and if they are write or delete operations. The driver in turn communicates with a Windows service that check the status of the authorization with the Latch servers and conducts an inventory of protected folders.
The user interface for the pairing and unpairing and to protect and unprotect a folder is integrated into Windows Explorer. It is very user-friendly with context menus directly on folders.
All the user must create a Latch account with a pairing token. The pairing wizard can be launched either right after the Setup, or at any time with the context menu of Windows Explorer.
Security Status Report 2022 H2
Security Status Report 2022 H1
Marvinpac: advanced managed Cyber Security services