Microsoft Ransomware Response Whitepaper and eBook

Microsoft has released a whitepaper that explains how Windows 10 offers strong ransomware protection to keep your computer safe at all times. Although ransomware has always been a problem, it has never been more prominent than after the WannaCrypt attack.

Ransomware can have serious effects. The scope of an attack can range from a single computer to the disruption of health and infrastructure services, the latter being a critical issue. If not resolved in time, the monetary and other losses could be unbearable. Unfortunately, no platform is immune to ransomware: it has attacked Linux, Mac and Windows.

White Paper on Ransomware Protection in Windows 10


Although Microsoft has always been committed to cybersecurity, recent incidents have prompted it to take additional steps to recognize and mitigate such threats. A few of them are as follows:

1] Increase attack cost: A ransomware attack isn’t always free, especially when directed at larger systems with a wider reach. Since the goal of a ransomware attack is to extort money, the attacker judges whether the attack would be profitable and decides accordingly. Microsoft is trying to harden its software and use hardware-based security so that the cost of attacking a system increases. This would deter the attacker from attempting it.

2] Advanced Threat Protection: A difficult part of managing ransomware threats is that they are never the work of amateurs. Well-skilled and well-funded attackers are involved in cybercrime. Thus, Microsoft relies on Windows Defender Advanced Threat Protection to counter these threats.

3] Enterprise Security Operations: Corporate security operations personnel are well trained to handle threats while keeping information confidential.

Microsoft says no Windows 10 users were affected by the recent WannaCrypt ransomware attack. This is indeed a very proud statement considering the panic created by the attack. Microsoft also claims that its new Windows 10 S operating system is not vulnerable to any known ransomware.

Although the success of Windows 10 in controlling the WannaCrypt ransomware attack is phenomenal, not all users use Windows 10. On the contrary, many still rely on unsupported versions of Windows. While Microsoft is not responsible for unsupported versions, it understands how crucial this could be for its customer base and continues to release updates to help those users as well.

A 4-step policy followed by Microsoft is as follows:

  1. Update the operating system and software in time.
  2. Educate users about attacks and prevention.
  3. Continue checking that the anti-malware is up to date.
  4. Back up necessary data to the cloud.

You can download the Microsoft PDF document by clicking here.

Microsoft Ransomware Response Guide

Microsoft also released a Ransomware Response Playbook. Ransomware attacks can affect home users and businesses alike, and can lead to huge monetary losses if not mitigated. User privacy has been one of the main concerns of Microsoft, and so the company yesterday released its new Ransomware Response Guide, which addresses the problem of ransomware and explains how businesses can use Windows Defender ATP to detect, investigate, remove, and prevent ransomware threats on their networks.

Ransomware Response Guide

The Ransomware Response Playbook provides detailed information on how organizations can detect ransomware and remove it using Windows Defender Advanced Threat Protection. To illustrate, the playbook uses Cerber ransomware, a real ransomware infection that has been in the spotlight for over a year now.

The playbook covers the following topics:

  • Ransomware Discovery and Mitigation – Multiple ways to discover ransomware and manage alerts. It also covers how you can isolate an infected machine to prevent the ransomware from spreading.
  • Delivery and arrival survey – How ransomware is delivered to your network and common infection patterns.
  • Analyze the incident and check if the infection has spread to other machines connected to your network.
  • Ransomware protection – Covers ransomware delivered via email, infections that land through web browsers, and more.
  • Improving endpoint defenses on your network – This section shows how you can improve the protection of your machines.
  • Blocking malicious domains, IP addresses and URLs – Find out how blocking malicious domains can protect your machines from this attack.
  • Recovering Your Machine from Ransomware Infection – The eBook tells you how to completely remove the threat components from your machine and prevent them from spreading to other machines connected through the same network.

The eBook also includes reference links where you can learn more about ransomware attacks and methods to avoid such attacks and infections.

