Published on March 14th, 2021 📆 | 4449 Views ⚑
0State Of Windows 10 Ransomware Protection 2021: Some Surprises, Says Report
Windows 10 ransomware protection remains the first and only line of defense for the majority of consumers using Windows in 2021.
Ransomware is one of the most dangerous kinds of malware because it not only denies access to your data but demands a ransom be paid.
And the amount of ransom demanded keeps going up. The average ransom payment jumped 31 percent to $233,817 in the third quarter of 2020 from $110,532 in the second quarter, according to statistics posted by Coveware.
Are you protected? Windows ransomware protection basics
Unbeknownst to many consumer users of Windows, Microsoft offers built-in ransomware protection as part of Windows Defender, found under Virus & Threat Protection.
The basics for turning it on arenât complicated: type in âRansomware Protectionâ in the Windows 10 Cortana search bar (typically in the bottom lower left of the screen) then go to the âRansomware Protectionâ screen.
Youâre given the option to select âProtected foldersâ as Microsoft spells out in this recent document. Then you have the option to select which folders you want protected from Ransomware. This is designed to protect* files and folders from unauthorized changes.
The State of Windows Defender Ransomware protection â with some surprises
A YouTube video (at bottom) from The PC Security Channel â an organization sponsored by the Ingenuity Lab, University of Nottingham â ran tests to demonstrate the level of protection you can expect from Windows Defender.
While the online protection test yielded good results with only a single ransomware âsampleâ getting through (see 2:20 mark), the offline protection was more dicey (see: 7:40 mark) with 10 samples missed.
After the offline test, there is an attempt to reboot the computer but it has been hijacked by Ransomware.
âThis is what happens to Windows Defender when the Internet goes away,â PC Security Channel says referring to offline protection, adding âit shows how cloud-dependent it is.â
On the upside, some documents were shielded by the Protected Folders feature and the PC Security Channel recommends turning on the Controlled Folder Access, which is under the Windows Ransomware Protection feature.
Microsoft agrees that cloud protection is critical. âCloud protections are an important part of defending new malware in real-time,â a Microsoft spokesperson told me. âThey allow us to continually enhance our anti-malware and other security features built into our platforms to fight the evolving complexity of threats,â the spokesperson said.
Tactics to fend off ransomware
Itâs strongly suggested by cybersecurity professionals that you use a a cloud-based file hosting service with automatic backup, such as Microsoftâs OneDrive, so youâre regularly backing up files.
Another good defense is a so-called âair gapâ strategy where the external storage device is completely disconnected from your computer and the internet. Back up your files, then disconnect the storage device.
Another piece of advice is to separate work and personal devices, says Unit 42 of Palo Alto Networks, a cybersecurity firm. While attackers tend to target corporations, schools, and hospitals, âwe may see consumers who are working from home and doing their shopping on their work devices get targeted by attackers,â Unit 42 said.
Summary:
âWhile Windows Defender has improved considerably over the years, there are several key areas where it is still largely susceptible to attacks, as we have found during our repeated testing on The PC Security Channel,â Leo, who is the founder of the PC Security Channel, told me in email.
ââ
NOTES:
*The goal is to block suspicious software but if an app is blocked that you know is safe, Microsoft gives you the option to build a white list. Use the Controlled Folder Access for whitelisting apps. You can do this by going to âallow an app through Controlled folder access.â
See this additional information from Microsoft on ransomware protection.
Comments can be sent via direct message to âtwitter.com/mbrookecâ
Gloss