The ransomware threat isn’t going away anytime soon;
The news brings constant reports of new waves of this pernicious type of malware washing across the world. It’s popular in large part because of the immediate financial payoff for attackers:
It works by encrypting the files on your hard disk, then demands that you pay a ransom, frequently in Bitcoins, to decrypt them.
But you needn’t be a victim. There’s plenty that Windows 10 users can do to protect themselves against it. In this article, I’ll show you how to keep yourself safe, including how to use an anti-ransomware tool built into Windows 10.
Note that this article assumes that you’re already taking the basic precautions against malware in general, including running anti-malware software and never downloading attachments or clicking links in email from unknown senders and suspicious-looking email.
Use Controlled Folder Access to protect windows 10
Microsoft is concerned enough about ransomware that it built an easy-to-configure anti-ransomware tool directly into Windows 10 to protect it.
It’s included in all versions of Windows 10 released since October 2017 Called Controlled Folder Access, it protects you by letting only safe and fully vetted applications access your files. Unknown applications or known malware threats aren’t allowed through.
By default, the feature is not turned on, so if you want to protect yourself against ransomware, you’ll have to tell it to get to work. And you can customize exactly how it works by adding new applications to its whitelist of programs that can access files, and adding new folders in addition to the ones that it protects by default.
To switch it on, you’ll need to access Windows Security. There are several ways to get to it:
- You can click the up arrow to the left of the taskbar’s notification area, then click the Windows Security icon — a shield.
- From the Settings app (click the Start > Settings), you can select Update & Security > Windows Security.
- You can type windows security into the search box next to the Start button and select Windows Security from the flyout screen that appears on the right.
- However you do it, once there, select Windows Security > Virus & threat protection. Scroll down to the “Ransomware protection” section and click Manage ransomware protection.
From the screen that appears, under “Controlled folder access,” toggle the switch to On. You’ll get a prompt asking if you want to make the change. Click Yes.
Back up… but do it properly
The whole point of ransomware is to hold your files hostage until you pay to unlock them. So one of the best protection from ransomware is to back up your files. That way, there’s no need to pay the ransom, because you can easily restore your files from the backup.
But when it comes to ransomware, not all backups are created equal. You need to be careful about choosing the right backup technique and service. It’s a good idea to use cloud-based storage and backup service rather than only backing up to a drive attached to your PC. If you back up to a drive attached to your PC, when your PC gets infected with ransomware, the backup drive will likely be encrypted along with any other disks inside or attached to your PC.
Make sure that your cloud-based storage and backup use versioning. That is, it keeps not just the current version of each of your files, but previous ones as well. That way, if the most current version of your files gets infected, you can restore it from previous versions.
Most backup and storage services, including Microsoft OneDrive, Google Drive, Carbonite, Dropbox and many others, use versioning. It’s a good idea to get familiar with the versioning feature of whichever service you use now. So you can easily restore files in a pinch.
Microsoft regularly releases Windows 10 security patches, and they’re automatically applied via Windows Update. But, if you hear about a ransomware outbreak, you shouldn’t wait for Windows Update to work —
you should immediately get the update yourself so that you’re protected as soon as possible. And it’s not just Windows updates you want to get. You also want to make sure Windows Security, Microsoft’s built-in anti-malware tool, has the latest anti-malware definitions.
To do both, go to Settings > Update & Security > Windows Update and click the Check for updates button. You will see one of the three option available:
- Updates are already waiting for you, you’ll see them listed instead of the Check for updates button.
- Windows finds updates, it installs them.
- It requires a reboot, it will tell you.
Disable macros in Microsoft Office
Ransomware can be spread via macros in Office files, so to be safe you should turn them off. To do it, when you’re in an Office application.
select File > Options > Trust Center > Trust Center Settings and select either Disable all macros with notification or Disable all macros without notification.
If you disable them with notification, when you open the file you’ll get a message warning that the macros were disabled and letting you turn them on. Only turn them on if you’re absolutely sure they’re from a safe, trusted source.