The next version of Windows 11 will come with improvements to the Microsoft Defender for Endpoint cybersecurity platform that should be better at protecting Windows 11 users from ransomware and other “advanced attacks”
In a blog post (opens in new tab)Microsoft announced that the upcoming Beta Channel launch comes with a handful of new features and upgrades, including one that “improved Microsoft Defender for Endpoint to identify and intercept ransomware and advanced attacks.”
Other fixes and improvements include the ability to compress a file regardless of size if Server Message Block (SMB) compression is configured, as well as improved storage replication that occurs over low bandwidth or congested WANs. Microsoft has also fixed a handful of issues, including one that causes Windows to display features in Tablet Mode for devices without touchscreens, and one that causes some application windows to have blank sections in the Task View preview.
Never pay the ransom
Microsoft’s move is yet another proof of the dangers of ransomware threats. Over the years, they have gotten better at deploying ransomware in organizations, as the work is often divided among different groups. Some are with an initial compromise, while others with negotiations for the release of the data and payment.
Law enforcement agencies, as well as cybersecurity companies, are urging organizations not to pay the ransom, because there is no guarantee that they will get their data back, and no guarantee that they will not be attacked again tomorrow, by the same, or a different, group.
On the other hand, paying the ransom only encourages the threat actors to continue pursuing these types of attacks.
Instead, companies should focus on educating their workforce about the dangers of phishing and social engineering, and making sure their software and hardware are up-to-date so the bugs don’t become the target of malware. (opens in new tab)and tighten security with firewalls, two-factor authentication, anti-virus programs (opens in new tab), and possibly zero trust. Companies should also keep a backup of their data and update/test it regularly.