April 13, 2026, 1:31 pm | Read time: 2 minutes
Since September 2025, Google has been testing a new ransomware protection feature for its cloud service, Drive. Now, the feature is officially available to all Google Workspace users. The technology is designed to detect attacks and automatically secure files before they are encrypted.
Ransomware is a particularly dangerous form of cybercrime. Attackers encrypt data on infected devices and demand money for its release. Businesses are often the target of such attacks. Google’s new feature continuously checks data during synchronization between the local computer and the cloud. As soon as suspicious encryptions are detected, the transfer is automatically stopped.
Ransomware Detection Only for Certain Subscriptions
The ransomware detection is an integral part of the Google Drive desktop client starting with version 114. According to Google, the tool in its final version detects up to 14 times more infections than before. However, the feature is only available in certain Google Workspace subscription plans:
- Business Customers: Business Standard, Business Plus
- Enterprises: Enterprise Starter, Standard, and Plus
- Educational Institutions: Education Standard and Plus
- Frontline Workers: Standard and Plus
Also of interest: Real-time translation! Google brings “Live Translate” to Germany
Private users without a subscription cannot use the feature, but they do benefit from file restoration, which also mitigates ransomware attacks.
File Restoration for Everyone
Additionally, Google is introducing a file restoration feature available to all Drive users. This feature allows users to independently revert ransomware-affected files to a previous state. This removes the leverage from attackers, as encrypted files no longer need to be held for ransom.