C
Cyber_Defend_Team
Guest
Nowadays, ransomwares are considered great risks for users. They infect system and encrypt your files and ask you to pay money to gives you the key to decrypt them. Even if you made payment, there is no guarantee to get back all your files and paying them would make cybercrime ecosystem stronger and they use this money to improve their resources to infect more people. In general, having a proper backup plan and creating regular backup and making sure Windows Defender (or any other anti-malware product) is fully updated is the best way to protect yourself against ransomwares. You should also take caution on clicking on suspicious links or opening suspicious files.
In case you are using Windows Defender as your default antimalware in Windows 10, you have feature called Controlled folder access which provides great protection against ransomwares. You could access it by opening Windows Security (just open Start or Search and type for Windows Security) and then go to Virus & threat protection and scroll down and you should see Manage ransomware protection and click on it and it should open menu where you see Control folder access option like picture below.
When you turn it on, it will start protecting you against ransomwares and default setting is recommended one but you could change it as like. Let’s take a look at options in this Controlled folder access:
Block history: When Windows Defender block access to any changes to files, it will show you notification and you could see list of blocked actions here. In case, if you want to investigate incorrect blocking or check how well it protects you, this is great place to check it out.
Protected folders: by default, it will protect windows system folders, however if you want it to protect additional folders or you have any important folder which you want it to be protected, you may add it in this menu. Note that it only protects folders which are listed here.
Allow an app through Controlled folder access: There is mechanism to automatically allow trusted application to make legitimate changes to folders but sometimes due to behavior of certain application or if application is not trusted, Control folder access might block its change. In this case, you could add application to allowed app. Please make sure you only add applications which you trust and you are sure they are not malicious.
Important Notes:
Controlled folder access is not replacement for antimalware or any protection product and it is only additional protection layer against ransomwares.
If your system is already infected with ransomwares, Controlled folder access could not protect and recover your files. It is protection step before your system get infected and it will start protecting your system when you enabled it.
In case you are using Windows 10 and you won’t see this option, you are using older build of Windows 10 and you will have to upgrade to the latest build and make sure Windows Defender is your default antimalware product.
More...
In case you are using Windows Defender as your default antimalware in Windows 10, you have feature called Controlled folder access which provides great protection against ransomwares. You could access it by opening Windows Security (just open Start or Search and type for Windows Security) and then go to Virus & threat protection and scroll down and you should see Manage ransomware protection and click on it and it should open menu where you see Control folder access option like picture below.
When you turn it on, it will start protecting you against ransomwares and default setting is recommended one but you could change it as like. Let’s take a look at options in this Controlled folder access:
Block history: When Windows Defender block access to any changes to files, it will show you notification and you could see list of blocked actions here. In case, if you want to investigate incorrect blocking or check how well it protects you, this is great place to check it out.
Protected folders: by default, it will protect windows system folders, however if you want it to protect additional folders or you have any important folder which you want it to be protected, you may add it in this menu. Note that it only protects folders which are listed here.
Allow an app through Controlled folder access: There is mechanism to automatically allow trusted application to make legitimate changes to folders but sometimes due to behavior of certain application or if application is not trusted, Control folder access might block its change. In this case, you could add application to allowed app. Please make sure you only add applications which you trust and you are sure they are not malicious.
Important Notes:
Controlled folder access is not replacement for antimalware or any protection product and it is only additional protection layer against ransomwares.
If your system is already infected with ransomwares, Controlled folder access could not protect and recover your files. It is protection step before your system get infected and it will start protecting your system when you enabled it.
In case you are using Windows 10 and you won’t see this option, you are using older build of Windows 10 and you will have to upgrade to the latest build and make sure Windows Defender is your default antimalware product.
More...