Ransomware protection in Windows 10

Ransomware is proving to be a major challenge for computer users all over, including Microsoft when it comes to handling malware on Windows 10. In fact, the company claims that the variants of ransomware have more than doubled in the past 12 months. And while other kinds of viruses and trojans are short-term and extractable, Ransomware works on the premise of extorting funds in return for non-deletion of all your important files and documents. To add to that, methods and means attackers are using to perpetrate ransomware attacks are varied, complex and costly.

Here is how Windows 10 Anniversary Update deals with the threat of ransomware on your PC.

Ransomware protection in Windows 10

ransomware_protection_windows_10

Windows 10 Anniversary Update has added new technology to increase protection on Windows 10 against malware, including ransomware-related threats. Microsoft has made it so that it is extremely difficult for certain exploits to work when using Microsoft Edge, and enhanced URL reputation to better notify you about potentially unsafe websites. We increased the ability to block email attacks from ever reaching our consumer and commercial productivity suite customers. Microsoft has released Windows Defender ATP to make it easier for companies to investigate and respond to ransomware attacks, and more!

PROTECTION

For protection against attackers causing ransomware, Windows 10 v1607 and later has some significant improvements for your computer. So you need to do the following things first to stay protected:

  • Update to Anniversary edition and switch to default settings.
  • Keep your operating system and installed software updated with the latest versions.
  • Manage your backup and restore strategy well.

Read: Protect against and prevent Ransomware attacks.

PREVENTION

  • Browser Hardening

As seen last month, some malware attackers were using software like Adobe Flash to get into browsers and harm your computers. So, with the new update, Microsoft has updated Adobe Flash to work in an isolated container on Microsoft Edge browser. The update also brings in a feature on Edge that doesn’t allow malware to leave the browser and affect other programs. This border tightening on Microsoft Edge will help contain the ransomware and fasten the removal process. These improvements also block malware from silently downloading and executing additional payloads on customers’ systems.

  • Improved SmartScreen

In order to do a better job of preventing browser-based ransomware from reaching users in the first place, Microsoft extended SmartScreen Filter by cultivating a broad set of data from sources that are part of the Microsoft Intelligent Security Graph. When you unwittingly click on a link that could lead to an unsafe website, Windows 10 has the ability to notify you that site could be malicious.

  • Email Protection

Another major distribution channel for ransomware attackers is via email attachments. They can send across malicious links via emails, which are then clicked by vulnerable users. Microsoft claims to have advanced the machine learning models and heuristics to catch malware distributed in the email and developed a faster signature delivery channel to update the Windows Defender faster on mail. The result will be improved protection levels for both consumer and commercial customers on Windows 10 Anniversary Update. Take a look at the precautions to take when opening email attachments or before clicking on web links.

  • Machine Learning

Apart from protecting all the loose ends on their browser and email servers, Microsoft has also introduced a better and more efficient Machine Learning that will pave the way for tougher implementation of ransomware defense. The improved machine learning techniques can detect malware quickly. The entire process of detecting, analyzing and then trying to remove malware becomes a task that is completed in minutes.

DETECTION

  • Windows Defender

Windows Defender has been Windows’ default security software, which saw the light of day during the XP times. With Windows 10 v1607, the software has become tougher and stronger. The update can now respond to new threats faster using improved cloud protection and automatic sample submission features to block malware as and when they are spotted. Windows Defender’s behavioral heuristics have been improved to help determine if a file is performing ransomware-related activities, and then detect and take action more quickly. It also helps defend against Ransomware infections in Corporate Networks.

ACTION

Once the ransomware has been detected with the help of Windows Defender, it is time to tackle the attack. Windows 10 Anniversary Update brings with it the new Windows Defender Advanced Threat Protection service which adds the ability for companies to detect and prevent to attacks that have made it through the other protection methods. Windows Defender ATP combines security events collected from the machines with cloud analytics to detect signs of attacks and help your PC stay away.

Apart from this, Microsoft is also initiating a new feature – ‘Block at First Sight‘ – which is a cloud protection service that has been turned on by default with the Anniversary Update.

So this is how Windows 10 Anniversary Update v1607 and later helps to keep you protected against Ransomware, with the help of new features that it introduces.

While cyber attacks are never completely avoidable, Microsoft is pursuing a future with to minimize the impact of such attacks and keep Windows protected at all times. You might want to download this useful PDF ebook from Microsoft to read more about this.

Now read: What to do after a Ransomware attack on your Windows computer?

Download this VPN to secure all your Windows devices and browse anonymously
Posted by on , in Category Security with Tags
Anand Khanse is the Admin of TheWindowsClub.com, a 10-year Microsoft MVP Awardee in Windows (2006-16) & a Windows Insider MVP. Please read the entire post & the comments first, create a System Restore Point before making any changes to your system & be careful about any 3rd-party offers while installing freeware.

15 Comments

  1. Robert Palmar

    I take it the improved SmartScreen protection will activate with any browser not just Edge.
    This ransomware threat is very real, I have a friend I consider computer savvy
    get infected and this proactive stance by Microsoft is most welcome.

    Great rundown as usual, Anand. I was unaware of much already in
    place with the Anniversary Update including cloud protection.

  2. SmartScreen filter offers protection to Microsoft Edge and Internet Explorer users.

  3. Robert Palmar

    I see. Thanks for that information, Anand. Much appreciated.

  4. jjstccean

    Good, thank you Anand. Where would one go to get the update?

  5. jjstccean

    Thank you.

  6. TheRedHood

    My plan is to restore with a RollBack snapshot, or if that doesn’t work (which hasn’t been the case), a disk image.

    Good write up as per usual.

  7. Alan Crouch

    Just use a Cloud Service that has file versioning setup by default, make daily backups and if the cloud is infected, just go back to previous version of the file.

  8. Robert Palmar

    Others prefer local backups, like myself.

  9. zepe

    In the new Controlled folder access, if one decides to rearrange these folder, is it possible to disable Controlled folder access and re-enable it after one edits the folders?

  10. Alan Crouch

    I never said stop local, just have an automatic cloud going for a backup option.

  11. Robert Palmar

    Okay, but by saying “Just use a Cloud Service”
    that implies using that kind of backup exclusively.

  12. Alan Crouch

    Hello Robert,

    Okay well i have been using computers my whole 34 year life, in a country in Africa, since my father was a programmer and started programming using punch cards, and therefore computers were a part of life, i also used to go with him to change the “tapes” for backups, which back then were huge tape rolls, say between 30 – 60cm in diameter depending on the client. Even then with duplicated HDD’s, tiny 50mb or whatever drives, each client still changed the roll every morning and every night.

    My point is too many backups is never enough… So having an off site, cloud backup with an easy Google Folder Sync, for example, as an extra can never hurt. Just always use a totally different UN and PW for the cloud account, and the software running the backup/sync software, so that the RANSOMWARE does not just sync and encrypt that too.

    I would also say rather only do a daily sync, not a continuous, so that you have an emergency backup.

  13. Robert Palmar

    Hello, Alan, I do agree. You cannot have too many backups when disaster strikes.

    An online and local solution makes sense. I only run local backups manually
    too after verifying the files are uninfected (ransomeware specifically).
    In the past I had external drives always connected automatically
    backing up several times a day which is not safe to do today.

    I also have terabytes of data to deal with so even any
    online backup for me would have be selected files.

  14. Nevi Løvfelt

    And Chrome.

Leave a Reply

Your email address will not be published. Required fields are marked *


6 + 1 =