The latest spread of ransomware virus between June and July 2017 has forced IT departments and software manufacturers to take action to avoid network downtime.
Multiple high-profile incidents have demonstrated that ransomware can have catastrophic effects on critical public and private services. Hospitals, transport systems, and other high-tech facilities across the globe have been affected.
No matter if it were network administrators at fault because of their naïve behavior or users because they did not pay attention to scan infected attachments before opening them, now it is time to enhance the security of each network and to educate users that they should be more vigilant when they are working off their computers.
Until the middle of 2017, in order to protect Windows from ransomware it is required to do the following:
– Update your antivirus and scan regularly your computer with it
– Update Windows via Windows updates
– Install the free product from Cyber Reason that detects and stops the encryption of your hard drive.
– Have a strong offsite cloud backup that copies your computer’s files to the cloud and does not mimic them via a folder on your computer like Google Drive and Microsoft One Drive.
Microsoft is already hardening its Windows products and it recommends to switch to Windows 10 on the client side and on Windows Server 2012 or 2016 on the server side. The reason of this advice is because in the last couple of years Microsoft has hardened the Windows kernel and has released bundled updates to fight better against the lucrative ransomware.
The release of Office 365 and Exchange online is undoubtedly a huge step towards email security but companies using Exchange online are better protected than home users because their mail MX record is hosted by Microsoft and Microsoft will take care of securing it. If you are a home user with Office 365 and use Gmail, for example, the email protection is provided by Google and not by Microsoft.
Recently Microsoft reports that its Windows defender antivirus has a cloud engine capable to detect and stop ransomware attacks. In addition, new updates are coming on its browser Edge that will stop malicious scripts and the display of infected websites.
Companies can also rely on the new antivirus engine by Microsoft called Microsoft Advanced Threat Protection that can be deployed on each workstation and can have a centralized GUI for network administrators. As home users cannot use Microsoft ATP, they can instead switch to Windows 10 Creators Update if they want to have a more robust shield against ransomware. As a matter of fact, after having downloaded the product that will be available from September on, it will be enough to turn on a feature that protects the file system folders to exclude them from the executables of the ransomware.