Cloud storage can make ransomware attacks harder to recover from, since encrypted files on remote servers are not always easy to restore. Google has been developing a response for several months and is now rolling it out to paid cloud customers. The company announced the anti-ransomware protections in September 2025, and they are now arriving for Workspace users who rely on Google Drive for Desktop. These safeguards use a dedicated AI model that has been refined over time.
Google says the new model can identify ransomware-related infections at a rate 14 times higher than earlier versions. The updated AI also runs faster and delivers stronger protection than it did during the beta phase. According to the company, thousands of users have already tested the tool, helping confirm its ability to scale and perform reliably.
The new anti-ransomware shield combines detection with file recovery. A specialized AI model monitors for suspicious activity while Google Drive for Desktop runs on a PC. When potential ransomware behavior is identified, file syncing is paused and the user receives a desktop notification. Administrators are also alerted through the console’s security center and by email.
After a ransomware threat is identified, customers can replace encrypted local files with clean versions saved in Google Drive. Google notes that this restoration process can save time and avoid ransom payments, and it works across multiple files simultaneously.
Ransomware detection and file restoration are now available for both end users and IT administrators in enterprise organizations. The features are enabled by default, although administrators can disable them across the company. Alerts for ransomware-like activity require Drive for Desktop version 114 or newer.
Google said the new security features are intended to reduce the impact of malware attacks on PCs within Workspace-based organizations. While threats tied to large language models, agentic browsers, and AI services continue to grow, ransomware remains one of the most serious risks to both user and business data.
Maybe you would like other interesting articles?