In the wake of massive ransomware attacks like WannaCry and Petya, Microsoft just told us they will release a new security feature to protect our files and data on Windows 10 machines. The aim of the new feature is to prevent hackers from encrypting and holding your data hostage, thereby avoiding the need for victims to pay ransoms for the hope of getting their files back.
The feature is called controlled folder access and works by designating a set of folders that come protected. This means only apps you approve through a whitelist will be able to access them.
“Controlled folder access monitors the changes that apps make to files in certain protected folders. If an app attempts to make a change to these files, and the app is blacklisted by the feature, you’ll get a notification about the attempt,” Microsoft announced in a blog post.
The default folders that come protect include Documents, Pictures, Movies, and Desktop. But users can add to the list of protected folders with their own locations.
The update is just one feature in Windows’s built-in anti malware system, Defender Antivirus. It’s currently available to Windows Insiders and should reach the general public later this year. It’s none too soon given ransomware’s growth over the last few years.
The rising toll of ransomware
Cybersecurity Ventures predicts ransomware damage costs will exceed $5 billion (£3.9 billion, €4.4 billion) in 2017, up from a predicted $1 billion (£776 million, €877 million) in 2016. Worse yet, hackers are evolving their tactics and level of sophistication as this form of cyber-extortion continues to mature.
Where once we saw them target individual consumers more often, hackers are now pulling off heists aimed at maximizing destruction by targeting larger entities like government agencies, corporations, hospitals, and transportation infrastructure.
Even more creative permutations of ransomware applies new tactics and incentives to tease out money from its victims. Security firm McAfee discovered one such Android-based malware called LeakerLocker which doesn't even encrypt your files. Instead, it steals your data and browsing history and threatens to share it with your family and friends unless you pay a "modest ransom". And their estimation on the price we'll pay to avoid humiliation? They pegged it at $50 (£39, €44).
WannaCry stumbles onto the scene
WannaCry debuted in May as the world’s largest ransomware attack to date. Over the course of one weekend, the malware infected more than 230,000 computers in over 150 countries. The National Health Service as well as Germany’s railways were two of the biggest public institutions to fall victim.
In a twist of fate, the attack was subdued almost as quickly as it came when 22-year-old Marcus Hutchins found a simple kill switch that turned the malware completely moot. He registered a previously unused domain name referenced in the code. Still, new versions of WannaCry without the original amateurish vulnerability have continued to spring up and show us the fight is far from over.