The next version of Windows 11 will come with improvements to the Microsoft Defender for Endpoint cybersecurity platform that should be better at protecting Windows 11 users from ransomware and other “advanced attacks.”
In a suspension (opens in new tab)Microsoft announced that the upcoming Beta Channel release comes with a handful of new features and upgrades, including one that “enhanced Microsoft Defender for Endpoint’s ability to identify and block ransomware and advanced attacks.”
Other fixes and improvements include the ability to compress a file regardless of its size if server message block (SMB) compression is configured, and improved storage replication that occurs in low bandwidth or WAN congestion. Microsoft also fixed a handful of issues, including one that causes Windows to display tablet mode for devices without touchscreens and one that causes some app windows to have blank sections in the Task View Preview.
Never pay the ransom
Microsoft’s move is further evidence of the dangers posed by ransomware threat actors. Over the years, they have become better at deploying ransomware in organizations, as the work is often shared between different teams. Some are with an initial settlement, while others are with negotiations for data release and payment.
Law enforcement agencies, as well as cybersecurity companies, are urging organizations not to pay the ransom, as there is no guarantee that they will get their data back and no guarantee that they will not be attacked again tomorrow, by themselves or a different club.
On the other hand, paying the ransom only incentivizes threat actors to continue pursuing this type of attack.
Instead, businesses should focus on educating their workforce about the dangers of phishing and social engineering, making sure their software and hardware are up-to-date so that flaws don’t target malware (opens in new tab)and enhance security with firewalls, two-factor authentication, antivirus programs (opens in new tab), and possibly zero confidence. Also, businesses should keep backups of their data and update/test it regularly.