Ransomware is a nuisance. This type of malware encrypts the files on your PC, making them inaccessible unless you pay the attacker to unlock your data. In other words, unless you can survive the ransomware attack using other means, your files will be held hostage until you pay the demanded ransom money.
CBS News aired a cautionary segment about the Scattered Spider ransomware group, highlighting just how damaging ransomware can be. Therefore, it pays to be prepared. Hackers shut down a Las Vegas casino, causing millions of dollars in damage. Your computer is not much of a target, so why tempt your faith?
The best defense against ransomware is to avoid ransomware-laden sites and downloads, but you can also take other protective measures. Modern antivirus software often restricts apps that can modify files in folders that are often targeted by ransomware. Microsoft Defender, which is built into Windows, can also do this. (Microsoft renamed it from Windows Defender a few years ago, but it’s the same program.) Some antivirus suites also perform automatic backups in case you need to restore your files.
catch? Unlike third-party antivirus software, these additional protection measures include: do not have Enabled by default in Microsoft Defender. You have to enable it yourself.
More information: PCWorld’s top list of the best antivirus software of 2024.
How to enable ransomware protection in Windows
Step 1: Open Windows Security
Open the Windows Security app on your PC. You can access it in one of the following ways:
- Press Alt + Space on your keyboard and type: windows securitypress Enter
- Open the start menu and type windows securityClick and press Enter
- Open the Settings app and select Windows security in the left pane
Step 2: Check your ransomware settings
In the Windows Security app, click: Protection from viruses and threats.then click Manage ransomware protection It’s at the bottom of the screen.
Then turn on Controlling folder access. This setting restricts the app’s access to your PC’s default OneDrive, Documents, Photos, Videos, Music, and Favorites folders. You can also manually add other folders to the list.
Not all apps are banned from these areas of Windows. Microsoft Office programs are automatically allowed to open and modify the file. However, if it’s not on Microsoft’s internal list of trusted apps, the program won’t be able to see anything in those folders until Windows Security gives it explicit permission.
Related: 10 things you should never do as an IT professional
Step 3: Make sure you’re logged in to OneDrive
Restricting access to files and folders does not completely protect them. Another important defense is to have good backups. Windows does this automatically if you’re logged in to OneDrive. (You can connect your Microsoft account to your entire Windows PC or just to the OneDrive app.)
To confirm that this protection is turned on: Ransomware Protection > Ransomware Data Recovery.
Of course, the safest backup of your files is to keep them offline, with the aim of avoiding the worst effects of ransomware. In addition to the one stored in the cloud, you need to create one more. If you only have one copy of your data, it’s not properly backed up after all.
Should I enable ransomware protection on Windows?
Security and convenience are opposites, and that applies here as well. Controlling folder access in Windows can help prevent attacks on important folders, but it can also be a little inconvenient. For example, gamers may find that access to saved files is blocked by default, as files are often saved in the Documents folder.
This issue can be resolved with minimal effort by adding the app to the access list. Alternatively, save your game files in a separate folder on your PC where access is not controlled. (You will need to use third-party software to schedule regular backups.)
Protect your Windows PC from other online threats too
To learn more about Windows security (and its various components), check out our video overview on YouTube. You may also consider upgrading your antivirus software if you want more advanced software and additional protection. For example, our current recommended antivirus product, Norton 360 Deluxe, bundles powerful malware protection with a VPN, password manager, dark web monitoring of your personal data, and more. Staying safe online is easy.
Finally, if you want to learn more about ransomware protection, check out our other guide on how to prevent (or survive) a ransomware attack.
Editor’s note: This article has been updated to include links to guides on how to prevent and recover from ransomware attacks.
