Ransomware has been one of the most severe threats in recent years. Although ransomware is no longer the number one threat, many users still fall victim to this type of malware.
The complexity of this type of malware has caused them to take many victims.
This malware affects different organizations, governments, private centers, and end users.
Unfortunately, most users become familiar with this malware when they are already infected with it. And unfortunately, except in rare cases, it is not possible to restore files encrypted by ransomware.
The best way to deal with ransomware is to prevent it by backing up your files and creating security shields against them.
Windows Defender Antivirus has a feature called Ransomware Protection that protects users from ransomware attacks.
In this article, we want to explain how I use Ransomware Protection on Windows 8.
3 Methods to Enable Windows Defender in Windows 8/8.1
Method 1: Enable Windows Defender in Windows Defender Service.
If you get a message that says Windows Defender can’t control your computer, it’s because the program service has stopped.
Using the following steps, you can activate the Windows Defender service in your Windows 8:
1. Go to the Search bar by Windows +F.
2. Type services in the empty box.
3. Select the Settings and tap View local services to open Services.
4. Find the Windows Defender Service, then double-click it.
5. When the Windows Defender Service Properties window opens, in the General Settings section, click on the bar next to Startup.
6. Select the bar beside Startup type choose Automatic from the drop-down list.
7. Tap OK to complete the setting.
Method 2: Enable Windows Defender in Group Policy.
If Windows 8 asks you that Windows Defender has been disabled by Group Policy, you can follow the steps below to enable it.
1. Go to the Local Group Policy Editor.
2. Find and Go to the Turn off Windows Defender setting.
3. FYI, it is in Computer Configuration/Administrative Templates/Windows Components/Windows Defender.
4. Select the Not Configured or Disabled button.
5. Click on OK option.
Method 3: Enable Windows Defender in the Action Center.
When you are informed that Windows Defender is turned off, you can check its status through the Action Center.
By performing the following steps, you can activate Windows Defender in Windows 8 through the Action Center.
1. Open the Start menu.
2. Type Control Panel in the empty box.
3. Input action center in the top-right search box and tap Action Center to get into it.
4. On the right of Spyware and unwanted software protection (Important), tap the Turn on now button.
The best anti-ransomware methods in ESET products
1. Keep Advanced Memory Scanner and Exploit Blocker features active.
These two features are enabled by default in ESET products. These algorithms have been recently developed to protect against malware that tries to anonymize itself or encrypts itself so that Nod 32 antivirus cannot identify them.
2. ESET LiveGrid must be active.
If ESET LiveGrid is disabled, ESET Cloud Protection is also disabled. The ESET Cloud Malware Protection System is a significant feature in detecting new malware. It detects new and unknown programs of all ESET users in the world and analyzes their behavior.
If a suspicious program or malware is detected, the antivirus will prevent it from running.
3. Make sure “Network drives” is enabled in Real-time file system protection.
With the Network Drives Scan feature enabled, the antivirus also scans the files in the network drives and prevents encryption of the drive by ransomware.
4. The Ransomware Shield feature must be enabled
Ransomware Shield is one of the HIPS protection layers. Ransomware Shield is a behavior-based method.
This feature detects and controls programs that try to encrypt files.
If a malicious app’s behavior is detected, the app is blocked and stopped running, or if a credential-based scan shows the app is suspicious, the user is encouraged to block or allow it.
Note: For Ransomware Shield to be active, ESET LiveGrid must be enabled.
The best ways to deal with ransomware by the user
In the process of protecting the device against ransomware, in addition to buying and installing the original antivirus, the user must also pay attention to important points when using the device.
1. Make a backup copy of your data
Plan to back up your data at regular intervals and keep the backup on offline storage for 100% ransomware protection.
2. Keep your Windows up to date
The importance of keeping the operating system up-to-date is no less significant than installing an original antivirus.
Operating system manufacturers continuously provide users with security updates to deal with malware, especially ransomware.
So never disable automatic updates. If you do this, be sure to manually update your Windows twice a week.
3. Do not disable User Account Control
The activation of User Account Control in Windows means that if a suspicious file wants to be executed, you will be asked whether you want to manage the file or not.
4. Close frequently used ports
To prevent brute force attacks by unknown IPs, it is strongly recommended to close or change the SMB, SQL, and RDP ports. There are many ways to lock the ports, it is also easy to lock the port in ESET.
Close file-sharing ports. Ports 135 to 139 and 445. SMB ports should not be exposed to the Internet.
Specify IP addresses for SQL ports and allow only those.
RDP remote ports
To prevent brute force attacks, close the remote desktop RDP port, or use a VPN with two-factor authentication.
Set auto-score for a specified number of failed attempts.
Choose a strong password.
Change unused and default accounts.
Such as administrator, admin, or root Whitelist specific users and groups so they can log in using RDP.
Whitelist specific IP addresses so they can make RDP connections.
In this article, we have explained 3 ways to use Windows Defender to protect your data and files in Windows 8 against ransomware.
We also explained the best ways to deal with ransomware for the user.
Don’t worry about your files and information in Windows 8 by doing the above steps.
Have you used these methods to protect your data and information in Windows 8 against ransomware?
What other methods do you know to protect your data in Windows 8 against ransomware?