Google Drive’s AI-powered ransomware detection feature is now generally available and enabled by default for all paying users. Announced in September 2025, this feature aims to protect users from ransomware attacks by automatically pausing file syncing when malicious activity is detected, according to a recent report by Bleeping Computer.The AI model, which has seen significant improvements since its beta phase, can now detect 14 times more ransomware infections at a faster rate. When ransomware is detected on a synced desktop computer, Google Drive will immediately pause syncing, alert the affected user and IT administrators, and create a notification in the Google Admin console.While the feature does not prevent local file encryption, it safeguards files stored in Google Drive, allowing for quick restoration once the malware is removed. Users are provided with instructions to restore corrupted files using the Drive restoration tool.Source: Bleeping Computer
