For years, computer users and organizations have been plagued by ransomware, which prohibits you from accessing your information unless you pay the criminal who infected your machine. Given its popularity and the fact that a ransomware infection might result in the loss of sensitive assets such as papers or family photos, it’s a smart idea to safeguard you. Microsoft has introduced tools to its built-in Windows Security software that can help keep your machine safe from ransomware beginning with Windows 10.
Windows Security has two levels in terms of ransomware protection. The first is malware detection, which is activated by default and can be accessed here for more details. While this will block ransomware from being installed on your machine, the scans will not be able to safeguard your files if malware is already there.
Winning the battle against ransomware
The second line of defense is Windows’ ransomware protection, which must be activated manually. Before you go any further, keep in mind that this option is by default deactivated for a reason. It prevents ransomware from encrypting and locking your data by limiting access to only authorized programs. This, however, can cause issues with programs that aren’t expecting it, thus you may need to conduct some troubleshooting if you have ransomware protection enabled.
While a result, as we go over how to set up ransomware protection, keep in mind that there will very certainly be some tweaking needed.
HOW TO TURN ON RANSOMWARE PROTECTION
The security program includes Windows’ built-in ransomware prevention. To find it, type “Windows Security” into the start menu or navigate to “Settings”> “Privacy & Security”> “Windows Security.”
Go to “Virus and threat protection” and then click “Manage ransomware protection” to enable ransomware protection.
You may next enable a feature called “Controlled folder access,” which prevents unauthorized programs from making modifications to your documents, photographs, videos, or music folders.
ADJUSTING CONTROLLED FOLDER ACCESS
When you enable Controlled folder access, three new control panels appear: “Block history,” “Protected folders,” and “Allow an app through Controlled folder access”. By default, Controlled folder access restricts modifications to files in your computer’s Documents, Pictures, Videos, and Music folders to a list of permitted programs. These programs allow you to change how the system functions.
For example, you may utilize the “Protected folders” panel to protect additional folders, and the “Allow an app via Controlled folder access” page to control which apps are allowed to make changes to protected folders.
What you can do is as follows.
Programs “chosen by Microsoft as friendly” will always be allowed to update your protected files, according to one Windows security website. But it doesn’t imply that the software you’ll want to use will be approved by default. Whether you notice a strange problem after enabling Controlled folder access (one typical error I saw during testing was receiving a “This file cannot be located” warning while attempting to save a file), check “Block history” to see if Windows Security has been preventing that program from making changes.
“Block history” shows you which program was banned and which folder it was attempting to write to. If you’ve been having problems with an app, you should add it to the list of apps that can make modifications. (We’ll go through how to achieve it shortly.)
If you wish to protect other folders from ransomware, such as your Desktop folder (which isn’t secured by default), click the “Add a protected folder” option.
You may then go to the folder you wish to secure and click the “Select Folder” button.
You may remove protection from custom-added (but not default) folders by returning to the “Protected folders” panel. Then select the folder you created, and click the Remove button.
ALLOW APP ACCESS THROUGH A CONTROLLED FOLDER
If you’re experiencing trouble with an app and want to add it to the approved list, return to the “Ransomware prevention” tab. Check the box next to “Allow an app through Controlled folder access.”
After choosing the “Add a permitted app” option, you can view a list of applications that have recently attempted to write to your protected folders by clicking “Recently blocked apps.”
You then unblock it by clicking the + icon next to its name.
While you should only have to go through this procedure once per app, it can be tedious. You may be off Ransomware Protection at any moment, but if you believe you’re in high danger of infection and don’t have backups, you should think again.
ADDITIONAL PROTECTION MEASURES
Windows’ built-in ransomware protection is powerful. It’s generally not a good idea to rely on it as your primary security; like other anti-malware systems, it should be seen as a backup rather than the first line of defense. Here are some steps you can take to avoid becoming infected with ransomware in the first place, as well as to guarantee that your data is safe even if the worst happens.
BE AWARE ONLINE
Ransomware, like any other sort of malware, can spread by phishing emails, exploiting security flaws in out-of-date software. It acts as a genuine program, among other techniques. When you’re online, it’s critical to be cautious. If someone tries to convince you to download software from an untrustworthy source that appears good, proceed with great caution.
It’s also a good idea to double-check the file extensions you’re provided. If someone says an attachment is a paper but it has a.exe or.msi extension, the file is most likely malicious. If you can’t see the file’s extension, right-click on it and select “Properties.” Next to the “Type of file” header, Windows will inform you what type of file it is.
Some of the reasons that can lead to your computer becoming infected with ransomware are listed in Microsoft’s guide to defending yourself from ransomware:
- Visiting dangerous, questionable, or bogus websites.
- Opening file attachments from persons you don’t know or that you weren’t anticipating.
- Clicking on malicious or harmful links in emails, Facebook, Twitter, and other social media posts, as well as instant messenger and SMS chats
KEEP YOUR RANSOMWARE PROTECTION SOFTWARE UPDATED
It’s also critical to keep up with the newest security updates for your operating system and any applications you use daily. Most browsers will automatically update themselves, and Windows will normally install updates as they become available. Go to “Settings”> “Windows Update” and click the “Check for updates” option to manually check for updates.
By heading to the Microsoft Store app, tapping the “Library” icon in the lower left-hand corner, and then clicking the “Get Updates” button to identify any available updates, you may update any programs installed through Windows’ built-in store. You may also update individual applications by clicking the “Update” button or the “Update all” button at the top of the page.
ENSURE THAT YOU HAVE BACKUPS
While ransomware protection and good browsing habits might keep you secure, no solution is flawless. It’s critical to have a backup of your computer’s contents. So if you become infected with ransomware, you don’t lose your most precious images, movies, or documents. Backups can also prevent data loss if your computer is physically damaged, misplaced, or stolen.
WHAT SHOULD YOU DO IF YOUR COMPUTER HAS RANSOMWARE?
If all of your safeguards fail and you realize that your machine has been infected with ransomware, there are three critical measures to take:
- Turn down your computer’s Wi-Fi or Ethernet. Certain ransomware may spread to other machines on your network, so it’s critical to limit the harm.
- Do not pay the ransom – doing so may be illegal depending on where the hackers attempting to extort you reside. Paying does not ensure that you will regain access to your information.
- Don’t connect backups if you have them; the ransomware will very certainly try to destroy them as well.
Microsoft suggests doing a comprehensive check of your machine with Windows Security. (Malwarebytes is well-known for its capacity to clean a computer of malware. It is free for personal use and is another useful tool to try.) If neither of these works, you may need to completely restart your computer.
Finally, if you aren’t convinced that you can remove the ransomware on your own, take your computer to a specialist. It’s important to ensure that your machine is completely clean before attempting to retrieve your backups.