Some malware hides in the shadows, taking over systems and using them for nefarious activities, such as the denial of services attack that took down the internet a few weeks back. Others are purely destructive, randomly wreaking havoc without concern for who’s affected, or how.
Ransomware is different. It doesn’t destroy data, but merely locks it away behind unbreakable encryption. Far from hiding itself, ransomware announces its presence as a demand for cash in exchange for the encryption key needed to unlock the victim’s data. As a company, Microsoft is keenly aware of the impact of ransomware on its customers, and it has taken significant steps to combat the problem, as the company outlines in a Windows blog post.
According to Microsoft, the number of ransomware types in the wild has more than doubled in the past year, and the newer types display increased complexity and cost. Browser-based exploits account for 60 percent of all ransomware vectors, something the company has addressed in both Windows 10 and its Edge browser.
In addition, Microsoft has addressed vulnerabilities in its email services, added new technology to Windows Defender to more quickly detect and respond to threats, and combined Office 365 Advanced Threat Protection with Windows Defender’s version to help companies in particular attack the threats. These efforts have been combined with Credential Guard, Windows Hello, and other Windows 10 Anniversary Update-specific efforts to lock down Windows 10.
Microsoft details their efforts to protect against ransomware in the blog post. Highlights include the use of browser hardening techniques to place vulnerable code like Adobe’s Flash Player in isolated containers where damage can be contained. The company is also applying its vast machine learning infrastructure and knowledge to the issue of identifying, analyzing, classifying, and responding to specific attacks in minutes rather than hours.
While Microsoft has taken significant steps to address malware in general and ransomware specifically, it also has advice for its customers. Not surprisingly, updating to Windows 10 Anniversary Update and accepting default security settings, and keeping machines updated, is at the top of the list. Because ransomware is a threat primarily to vital personal and business data, a comprehensive backup strategy that is consistently implemented is next on the list.
Microsoft asserts with some confidence that Windows 10 is the most secure Windows ever, and the company has certainly a invested massive amount of time and money in supporting that statement. As the operating system used by roughly 90 percent of all PCs, Windows is particularly important to ensuring security across the internet, and Microsoft appears to be taking serious steps to help.
