A great benefit of cloud storage is the ability to automatically store backup data off-site, but ransomware can be a serious problem to that approach, since if it too is synced off-site, the entire cloud backup may be useless. Google recognizes this, and since September of 2025, has been working on addressing that shortcoming of Google Drive entirely. As of now, Google Drive’s ransomware detection has come out of beta, and according to Google, “thousands of users have tested file restoration,” proving it to be “scalable and reliable.” Combined with an AI model “detecting 14x more infections,” it would seem that Google has successfully solved the problem.
This will likely be welcome news to education and enterprise users who utilize Google Workspace. Information suggests that major ransomware breaches could have been effectively reversed had the entities in question been protected by Google Workspace and Drive’s ransomware protection. Regular end-users who want to protect themselves from ransomware will have to rely on more traditional backup and security solutions, though drives with built-in ransomware protection could become more common in the future.
Google’s official announcement notes that the feature will be on by default for Google Workspace users, along with Drive file restoration. The notifications will only work on Drive For Desktop v.114 or later, but syncing will still function on older versions of the software. Google also notes that ransomware detection will be available for Business Standard and Plus, Enterprise Starter, Standard and Plus, Education Standard and Plus, as well as Frontline Standard and Plus plans. File restoration is also “available to all Google Workspace customers, Workspace Individual subscribers, and users with personal Google accounts”, though its application for personal accounts may be limited by the lack of detection on them.
