Welcome to ITS! Learn more about our strategic partnership with Afineol!

ITS San Francisco

By: ITS San Francisco on February 15th, 2022

Print/Save as PDF

Windows 10 Solution for Ransomware

Cybersecurity | Windows Operating System

When the WannaCry Ransomware hit a while back, Microsoft took an unusual step of patching all its old operating systems. Even the ones it had stopped supporting for various reasons. This step was taken as a way to limit any potential impact that ransomware may have on infrastructures such as hospitals and schools.

However, one of the operating systems that did not require a patch was Windows 10.

Windows 10 is immune to ransomware

ransomware protected

Microsoft has revealed how Windows 10 has been designed to resist ransomware. While such inventiveness is always a race between hackers and OS creators, it is always nice to know how they work. That way, future developers can always get some insight into how future attacks can be prevented. Here is a short summary of the Windows 10 capabilities.

The Windows 10 Creators Update Protection

anti-malwareThe Creators Update or version 1703 of Windows 10 comes with specific protection to fend off malware. For instance, it has a behavior that will allow it to suspend suspicious files. These files are then run through a “controlled detonation chamber” service that checks malware. The Windows Defender comes with an Antimalware Scan Interface technology in the latest version. This allows it to detect JavaScript or Visual Basic script that is executing or downloading ransomware.

Improvements to the Edge Browsers

Improved microsoft edgeAdditionally, Windows says that its Edge browser has a high degree of protection. It opens pages in ‘container sandboxes’ that protect them from malicious programs. Any downloads through the browser are run through a reputation checking service. Additionally, users are provided with the option of choosing whether they want to run Flash-based content. Microsoft views this as a great way to protect computers against ransomware.

Not only does Windows Edge protect from malicious ransomware, but it also works very well against malicious sites and phishing attempts. With more companies relying on the web to conduct business transactions, being protected from phishing is an awesome move by Microsoft.

Flash Control

flash controlThe purpose of Flash control is to stop ransomware infections that occur immediately after a user visits a site using Adobe software. The result is that ransomware can exploit weaknesses in Adobe software to the detriment of the user.

 

Device Guard

whitelistAnother feature that Windows has included is the Device Guard. The Device Guard lets organizations whitelist the software that can run on their devices. The whitelist applies to plug-ins and add-ins as well.

The Device Guard technology uses hardware virtualization of the CPU to protect the computer from bad system files and drivers as well. However, to utilize this feature, you will need to have a CPU with virtualization capabilities. In short, this technology may not work on older computers with older CPUs.

Advanced Threat Protection

post-breach analysisAnother feature that Microsoft touted is a post-breach analysis service of Windows Defender Advanced Threat Protection. This will allow Windows 10 to better analyze any ransomware that attacks a computer. The Windows Defender Advanced Threat Protection is sold separately for businesses. It is not the same as having Windows Defender antivirus.

Cloud-Based Protection

cloud protectionThe Windows 10 OS comes with an inbuilt antivirus that can block Ransomware automatically. However, one unique attribute about it is its ability to use machine learning. Thus, it is able to block even never-before-seen malware.

Thus, any suspicious files, whether new or unknown will be kept safely away from your device. Other advanced technologies that are used with cloud-based technology are deep neural networks, fuzzy matching, and other advanced technologies.

In this version of Windows 10, the anti-virus can suspend suspicious files from running and sync with other technologies on the cloud to inspect the file. Within seconds, the AV will be able to determine if the file is dangerous or not. The information is then stored to help others in the future. Thus, the ability of Windows 10 to defend against malware only grows as more attacks are directed to it.

What Will This Mean for the User Experience?

perform a Windows update

The average user of a PC will probably not notice much difference. These are behind-the-scenes tweaks to the security rather than updates to the interface. If you are a business owner, it means you will not have to hold a session with your staff to make them understand how to use the new version of Windows.

If you have just begun using Windows 10 in your organization, the latest version of updates may not be much of a priority.

You are Only as Strong as Your Weakest Links

If you want to stay safe in your organization, you will need to stay safe at all levels of the network. You will need to conduct end-user security training for instance. That way, your employees do not unwittingly open the door wide open for the bad guys to begin playing around with your security. If you want to learn more about how to avoid ransomware, contact us today!

The Whys and Hows of an Engaging Cybersecurity Awareness Training Program