Ransomware protection is a useful feature that comes with Windows 11, which helps protect your device from these very inconvenient and dangerous attacks. However, by default, ransomware protection is disabled on all Microsoft devices. We’ll find out why, and also explore how you can activate it in your security settings.
How to activate Ransomware protection inside Windows 11 system?
Before attempting these changes, make sure you are using an administrator account. Guests do not have access to this feature.
- Click the Win key and navigate through the Start menu to the Settings tab. Click to open the Settings menu. Another way to do this is to find the Settings icon on pinned items or use the search bar to find “Settings”.
- When the Settings tab launches, select “Privacy & Security”.
- Find the “Windows Security” menu.
- Click on the “Open Windows Security” button to access the ransomware settings. A new window will open. Here, click on the “Virus & Threat, Protection” menu item and scroll down to find the “Ransomware Protection” option.
- Click on “Manage ransomware protection” to get a list of options that include ransomware.
- Find the “Controlled file access” option in the right pane. Toggle the switch to enable it.
Ransomware protection is now enabled. Here you can also add (whitelist) program folders that can be tested as false positives in protected files.
Using a computer with Ransomware protection enabled
Once the ransomware protection is activated, you will need to whitelist some of your favorite programs to get controlled access to the folder. These steps will help you avoid false positives and allow you to install newer programs:
- Click “Allow the application via Controlled File Access” in the Controlled File Access window. Click “Add Allowed App”.
- Select “View all apps” or “Recently blocked apps” to see which Windows Security (formerly known as Windows Defender) has been archived or blocked.
- Selecting “Browse all applications” opens a pop-up window that allows you to select all executable files with an .exe extension.
- In the “Recently blocked apps” section, you can remove harmful or unwanted apps or restore the ones you want to keep.
In order not to have ransomware protection flag as useful software or applications, add them to “Protected files”.
Why enable protection against Ransomware attacks? The main reasons
- To prevent extortion and exploitation by hackers
Most ransomware exploits and extorts users, slows down your computer, denies you access to your files, or shuts it down. Ransomware attacks can affect computers and laptops at any level of an organization or individual and take your data hostage. These attacks can hurt your business, cost you money, and destroy your company’s reputation. Enabling ransomware protection prevents all possible attacks on your computer.
- To protect your information from loss, corruption, deletion or theft
Ransomware attacks take control of your data, encrypt it and deny you access. In addition, they can delete, damage or steal your data. Enabling ransomware protection on your computer helps detect and flag malware, deleting it before it destroys your computer system.
Why is protection against Ransomware attacks turned off “by default”?
By default, the ransomware protection feature is disabled. Here’s why.
To prevent Windows security from detecting false positives
As a precaution, ransomware protection is disabled in Windows Security. This prevents Windows Security from flagging legitimate programs as false positives. In this way, many programs that require controlled access to maps can perform their functions without problems.
You may be using a third-party antivirus program
Whenever you install a third-party antivirus on your computer, it automatically downloads Windows Security (Defender). With Windows security disabled, your new antivirus software takes over controlled access to the folder and protects your computer from ransomware attacks.
Your system may already be compromised
When malware attacks your system, it disables your computer’s ability to protect itself. It can damage programs, files, registry keys and other critical system functions. It also disables Windows Security, preventing it from scanning for and removing malware.
While the attack doesn’t necessarily have to be ransomware, it’s often just as inconvenient.
Should I turn on ransomware protection?
Surely. Maintaining ransomware protection helps protect your computer from fraud and malware attacks. Ransomware protection is essential for all computer users, including those who feel their data is not worth protecting.
Ransomware attacks are particularly nasty. This is why ransomware protection will protect you from extortion or data damage attempts.
How do I know if my computer is infected with ransomware?
If you have activated ransomware protection, you will receive notifications every time Windows Security detects or flags Ransomware. You can visit the “Block History” section and view the malicious files blocked by your antivirus software. Like most malware, ransomware attacks will slow down your computer’s crawling speed. So, if your computer is experiencing frequent interruptions, scan your computer for this very dangerous, harmful program.
The primary reason for ransomware attacks is to take your data and your computer hostage. Such attacks encrypt your data, making it unusable and inaccessible unless you pay a ransom to the attackers. In other cases, an attack can damage, delete, or destroy your data.
Does a ransomware attack involve stealing personal and confidential information?
Some ransomware attacks can steal your data. At first, attackers would hold your data for ransom and extort money from you before giving them back access. Today, ransomware attacks can also steal your data despite paying the ransom, which is another reason why it’s a good idea to activate protection against ransomware attacks.
Written by: Ivan Hečimović