Malware of all kinds can be a terrible experience and costly in terms of lost productivity, destroyed data, and the release of potentially embarrassing or valuable proprietary information. Ransomware, though, is in its own class of bad, not only threatening data but also directly costing victims money in response.
Microsoft understands this, and has published a post over at the Windows blog letting its customers know just how committed the company is to defending against ransomware:
Ransomware is one of the latest malware threats that is attracting an increasing number of cyber-criminals who are looking to profit from it. In fact, in the last 12 months, the number of ransomware variants have more than doubled. Its premise is deceptively simple: infect users’ devices, and then deny them access to their devices or files unless they pay a ransom. However, the methods and means attackers are using to perpetrate ransomware attacks are increasingly varied, complex and costly.
In response, Microsoft is taking some specific steps aimed at slowing down ransomware and providing customers will tools to combat it:
- Six of the top 10 ransomware threats use browser, or browser-plugin-related exploits, so we made it harder for malware authors to exploit Windows 10 and Microsoft Edge.
- We increased detection and blocking capability in our email services, increasing the number of ransomware-related attachments being blocked.
- We added new technology to Windows Defender to reduce detection time to seconds, increasing our ability to respond before the infection can occur.
- We released Windows Defender Advanced Threat Protection which can be combined with Office 365 Advanced Threat Protection to make it easier for companies to investigate and respond to ransomware attacks.
Microsoft is focusing on a few areas to deal with ransomware. They're working to prevent it by hardening the browser against exploits, protecting email, and applying machine learning to the task. Detection is being enhanced via improvements to Windows Defender. Finally, the company is responding by providing some defense after a breach ahs already occurred.
The company has some advice for Windows 10 users as well:
We have made significant improvements in protecting customers from ransomware in the Windows 10 Anniversary Update. To help protect against ransomware and other types of cyber threats, we suggest you:
- Update to the Windows 10 Anniversary Update and accept the default security settings within Windows 10.
- Keep machines up to date with the very latest updates.
- Ensure that a comprehensive backup strategy is implemented and followed.
The Block at First Sight cloud protection feature in Windows Defender is enabled by default. For IT Pros, if it was turned off we recommend turning it back on, and we also recommend incorporating another layer of defense through Windows Defender ATP and Office 365 ATP. For more information about each of these technologies and techniques and how they work, please download our white paper Ransomware Protection in Windows 10 Anniversary Update.
We recommend that you head Microsoft's advice, and that if you haven't already upgraded to Windows 10 Anniversary Edition, that you get that done as soon as you can. Security and privacy rely on updated systems that leverage all of the work that companies like Microsoft are putting into it. Let us know in the comments if you think Microsoft is doing enough to combat ransomware.