If you are worried about Ransomware (malware which encrypt your PC and demand payment in return for your data) Microsoft has a simply message – upgrade to Windows 10, use Edge and Windows Defender and you will be well protected.
Microsoft notes that Windows 10 Anniversary Update is more ransomware-resilient than ever before, offering defence in depth, starting with using Microsoft’s own Outlook.com email service.
With email a major channel for malware distribution, Microsoft’s email services now use machine learning models and heuristics to catch malware distributed in email before it even gets to your PC.
The other major channel for malware is your browser, and if you use Edge Microsoft has taken a number of measures. First the Flash player is quarantined in its own isolated container and even the whole browser runs at lower privilege, so that exploit running in the browser cannot execute another program.
If malware does get through (e.g. via Chrome) the next layer of protection is the new and improved Windows Defender, which is enabled by default, and which can respond to new threats faster using improved cloud protection and automatic sample submission features to block malware “at first sight”. The application also features improved behavioral heuristics to help determine if a file is performing ransomware-related activities (e.g. accessing and modifying a large number of files), and then detect and take action more quickly.
For enterprise users Microsoft released Windows Defender Advanced Threat Protection which can be combined with Office 365 Advanced Threat Protection to make it easier for companies to investigate and respond to ransomware attacks. Combined with other significant security advances, such as Credential Guard, Windows Hello and others, Microsoft says Windows 10 Anniversary Update is the most secure Windows ever.
To prevent damage by Ransomeware Microsoft recommends:
- Update to the Windows 10 Anniversary Update and accept the default security settings within Windows 10.
- Keep machines up to date with the very latest updates.
- Ensure that a comprehensive backup strategy is implemented and followed.
- The Block at First Sight cloud protection feature in Windows Defender is enabled by default. For IT Pros, if it was turned off Microsoft recommend turning it back on, and also recommend incorporating another layer of defense through Windows Defender ATP and Office 365 ATP.
We would also add that back-up with versioning is also important and easily available to Windows 10 users.
I have found an unused SD card slot with a low profile SD card is a pretty cheap and easy way to keep your data secure locally, and OneDrive of course provides the cloud back-up for free. Store your important files on OneDrive, which also features versioning, meaning you can always roll back if a file does become compromised, and enable file history on your PC (Settings> Update and Security > Backup) using the SD card drive as external storage.
Read more about Microsoft’s Ransomware Protection measures at Microsoft here.