
Healbox – the email mailbox with ransomware protection!


The Healbox is a project of the Institute for Internet Security, the State Office of Criminal Investigation and eco – Association of the Internet Economy, and it provides malware and ransomware protection for the e-mail inbox. Small and medium-sized companies often do not have the financial means to protect themselves extensively against attacks that arrive by e-mail.

The Healbox project starts at this point and provides extensive protection mechanisms to prevent malicious encryption of your data. The system is hardened and cannot communicate with the outside.

Ransomware protection – the Healbox prevents outbreaks!

Anyone who uses a Windows system without virus protection on the Internet either knows exactly what he is doing or has no idea at all. But even well-paid-for virus protection does not provide 100% security. On the desktop computer the matter is clear; whether anti-virus software is necessary on a smartphone is something we wrote about last week. The Healbox was created so that the smallest and small businesses in particular can protect themselves effectively and, above all, economically.

The system is based on the very popular single-board minicomputer Raspberry Pi, a small computer that can be used in so many ways that many computer scientists have one at home. The next application is waiting and could be the Healbox! A fast download and easy installation ensure that the data is quickly protected.

Raspberry Pi with installed Healbox is a ransomware protection. Source: commons.wikimedia.org

Why does the Healbox protect against ransomware?

Most malware is still programmed for Windows operating systems. There are not many operating systems on the market, but those that do exist differ not only in their operation. And this is exactly the good thing. If ransomware intended for Windows ends up on a Linux operating system, there is a very high probability that nothing will happen.

The attack goes nowhere. The malware searches for registry files that do not exist. It downloads file types that cannot be interpreted as executable code under Linux. There are many advantages to using the Raspberry Pi with an installed Healbox as a physically separated mailbox. Nothing goes out – just in.

The wrong applications can be opened, dubious attachments unpacked and macros executed without regard to the consequences. However, you should not push your luck: there is also malware that adapts to the system, so there is still no way around updates and patches.

Who has worked on the Healbox?

In addition to the State Criminal Police Office of Lower Saxony, the eco – Association of the Internet Industry was also involved. The third project participant was the Institute for Internet Security (ifis). Under the direction of Prof. Dr. Norbert Pohlmann, extensive tests were carried out to determine the extent to which the Healbox is vulnerable to malware and especially ransomware. None of the hundreds of malware samples could be successfully executed on the Healbox!

What do I need for reliable ransomware protection?

Not much is necessary. Above all, the minicomputer. A keyboard and mouse are recommended for operation. Add a discarded monitor and the setup for retrieving e-mails is complete. No expensive firewalls, no complicated filter settings. On the Raspberry Pi with installed Healbox you can run all the files you wouldn’t trust in a Windows environment.


Vincent Reckendrees

Hello, I am Vincent Reckendrees and I lead the Offensive Services team at AWARE7 GmbH. In my bachelor's and master's studies I specialized in IT security, and I am a BSI-certified IS penetration tester. My passion is reverse engineering, hardware security and web security. As an expert in penetration testing, I find vulnerabilities in systems and networks and use them to simulate realistic cyber attacks and to improve security measures. Through reverse engineering I discover flaws and opportunities for improvement in software and hardware. My skills in hardware and web security enable me to protect physical devices and online platforms against a wide range of cyber threats and to ensure their integrity and reliability.