Microsoft recently penned a blog post explaining some of the security updates in the Windows 10 Anniversary Edition, especially dealing with protecting against ransomware.
Despite a plethora of concerns around its privacy policies and default settings, Windows 10 is the "most secure version of Windows," according to a recent blog post from Microsoft. The post, which was written to explain the ransomware protections in the Windows 10 Anniversary Update, said that Windows 10 devices are "58% less likely to encounter ransomware than when running Windows 7."
Although not a new threat, ransomware seems to be ramping up lately, grabbing headlines around major attacks. According to Microsoft, the number of ransomware variants has more than doubled in the last year, and ransomware encounters have increased by 400% from December 2005 to July 2016.
Because of this, Microsoft decided to highlight some of the security improvements in the Windows 10 Anniversary Edition, and how they protect against ransomware. For starters, it claims the browser is more secure.
Many ransomware threats come through the browser or browser plugins, the post said. So, Microsoft has improved its Microsoft Edge browser's ability to defend against ransomware. For example, the Adobe Flash plug-in now runs in an isolated container on Edge. According to the post there are "no known zeroday exploits or exploit kits successfully targeting Microsoft Edge to date."
Microsoft email also got some machine learning upgrades that make it easier for the service to block emails that may contain ransomware links or attachments, a Microsoft white paper said. And, Microsoft also released Windows Defender Advanced Threat Protection to give even more context and insight around potential attacks.
Another feature that Microsoft pointed to in its post was the Block at First Sight feature in Windows Defender. This feature uses machine learning and automated analysis to help admins determine whether or not a certain file is malicious. Of course, this feature should be enabled by default, but Windows 10 has been criticized for some other default features that have caused privacy concerns among users.
The fact that Microsoft would dedicate time to address ransomware specifically further highlights how the threat has evolved over the past decade. Bob Gourley, co-founder of the cyber security consultancy Cognitio and former CTO of the Defense Intelligence Agency, said that ransomware used to be taken lightly, but it has grown to be more troublesome.
"Over the last two years we have seen ransomware evolve to the point where it can come in from multiple paths, spread throughout an enterprise and backup holdings while remaining covert to standard detection, and then lock down files all at once causing an enterprise-wide crisis," Gourley said. "What was once seen as a joke is now one of the most significant threats in enterprise IT."
New tools in automation and other technologies are making it easier to fight ransomware, but everyone should still be working hard on their data backup strategies, Gourley said. Additionally, network segmentation and employee training can also go a long way in helping prevent an attack.
The 3 big takeaways for TechRepublic readers
- Microsoft recently highlighted some of the security advancements in the Windows 10 Anniversary Edition that deal specifically with ransomware.
- Microsoft said the number of different types of ransomware have doubled over the past year and encounters are increasing as well.
- New technologies are helping mitigate ransomware threats, experts say, but companies should still work on data backup and employee education.
- How to avoid ransomware attacks: 10 tips (TechRepublic)
- Meet the new ransomware that knows where you live (ZDNet)
- Ransomware: The smart person's guide (TechRepublic)
- The cost of ransomware attacks: $1 billion this year (ZDNet)
- How to mitigate ransomware, DDoS attacks, and other cyber extortion threats (TechRepublic)