Ransomware in Windows 10
Ransomware is malware that employs encryption to hold a victim’s information at ransom. A user or organization’s critical data is encrypted so that they cannot access files, databases, or applications. A ransom is then demanded to provide access.
You can delete malicious files manually or automatically using the antivirus software. Manual removal of the malware is only recommended for computer-savvy users. If your computer is infected with ransomware that encrypts your data, you will need an appropriate decryption tool to regain access.
Do not pay the ransom if a device has been locked. Paying extortionate ransoms only encourages cybercriminals to continue their practice. Instead, contact your local law enforcement agency and report the attack
Turn on Ransomware Protection
Unknown to many Windows 10 users, Microsoft offers built-in ransomware protection as part of Windows Defender, found under Virus & Threat Protection.
You can start by searching “Ransomware Protection” in the search bar.
You’re given the option to select Controlled folder access. Then you have the option to select which folders you want protected.
And that last caveat is an important one. If your backup is within easy reach of the malware program that’s locking your files, then you’ll be faced with encrypted backups as well as encrypted files. Make sure at least one of your backups is only occasionally connected to your main system, or that whatever backup solution you choose has revision history, so you can go back to before the attack took place.
When it comes to cloud backup solutions, many now offer file versioning features (Dropbox Rewind, for example)—they roll back your files to a previous point in time, which can be really useful in the event of a ransomware attack, because it means you’re able to revert to the state your data was in before it got encrypted. Check with the service you’re using for details.
As with any security threat, it’s impossible to 100-percent guard yourself against ransomware, but the steps outlined here should help minimize the risk. If the worst should happen, remember that ransomware is a crime, and you can report it via the resources mentioned on the Cybersecurity & Infrastructure Security Agency website here.