How Windows 10 plans to defeat ransomware
The recent WannaCry and Petya ransomware attacks have caused massive disruptions for Windows users. Although ransomware infection has slowed down in the past few weeks, many experts are saying that this is only just the beginning. Soon, newer and far more dangerous strains of malware will be developed. To help people defend against these threats, Microsoft has released new security features.
With Microsoft’s new Controlled folders access feature, you can list certain documents and folders as “protected.” Only whitelisted apps can access and edit these folders, while any attempted changes by malicious apps are simply blocked by Windows Defender.
In theory, this should slow down a ransomware’s ability to encrypt critical information. Some reports suggest that other threats like malicious file macros and viruses can be prevented by this feature.
So far, only Windows Insider users have access to controlled folders. But if you’ve already signed up, you can access the feature by going to Windows Defender Security Center and then enabling Controlled folder access. From here, you can choose which folders will be protected and what apps are allowed to access them. To save you time, common Microsoft applications are trusted automatically, but you can remove them from your whitelist whenever you want.
Apart from folder protection, Microsoft also made security enhancements for web browsers. The Windows Defender Application Guard is designed to prevent intrusions, using Microsoft’s Hyper-V virtual machine technology to detect and isolate compromised applications from the rest of your system. So if someone accidentally downloads a virus from their web browser, Application Guard will contain the threat before it infiltrates the rest of your company’s devices, apps, data, and network.
In a similar vein, the Device Guard feature, which is also found in the Windows Defender Security Center, minimizes computer exposure to malware by using advanced threat detection policies to make sure only approved code is running throughout the system. This is meant to add an extra layer of defense in between your firewall and antivirus software.
As mentioned, Windows Insider users can get early access to these security features, but if you want to make sure that these security features are as strong as they can be, we suggest you wait for their public release around September for the Fall Creators update.
Want to stay on top of the latest technologies that can help you beat ransomware, viruses, and other nasty cyberattacks? Contact us today for any security updates and advice.