Nzira yekudzivirira sei Windows 10 uye 11 kubva kune ransomware

Nzira yekudzivirira sei Windows 10 uye 11 kubva kune ransomware. Ransomware yatekeshera, asi kune nzira dzinoverengeka idzo vanhu nevatungamiriri vanogona kuchengetedza yavo Windows 10 uye makomputa 11. Hezvino zvekuita.

Misoro Yakafukidzwa ratidza

Cryptolocare. Ndinoda iwe. Dima divi. Conti. Medusa Locker. Kutyisidzira kwerudzikinuro hakuzoperi almost ; Nhau dzinounza mishumo yenguva dzose yemafungu matsva emhando iyi yakaipa yemalware iri kupararira pasirese. Inofarirwa muchikamu chikuru nekuda kwevanorwisa mari nekukurumidza kubhadhara: inoshanda nekunyora mafaera pane yako hard drive, uye ichida kuti iwe ubhadhare rudzikinuro, kazhinji mu bitcoin kana imwe cryptocurrency, kuti udzikise.

Asi iwe haufanirwe kunge uri nyajambwa. Pane zvakawanda izvo Windows 10 uye vashandisi ve11 vanogona kuita kuti vazvidzivirire kubva pazviri. Muchikamu chino, ini ndinokuratidza maitiro ekuzvichengeta wakachengeteka, kusanganisira mashandisiro akavakirwa-mukati Windows anti-ransomware chishandiso.

(Vatungamiri, ona "Zvinodiwa nedhipatimendi rako reIT nezve ransomware neWindows" pakupera kwechinyorwa chino.)

Ichi chinyorwa chinofungidzira kuti uri kutotora matanho ekutanga ekuzvidzivirira kubva kune malware kazhinji, kusanganisira kumhanyisa anti-malware software uye usambodhawunirodha zvakanamirwa kana kudzvanya zvinongedzo muemail kubva kune vasingazivikanwe vanotumira uye email inotaridzika kunyumwira. Ziva zvakare kuti chinyorwa ichi chakagadziridzwa zve Windows 10 Mbudzi 2021 Kwidziridzo (Version 21H2) uye iyo Windows 11 Gumiguru 2021 Kwidziridzo (Version 21H2). Dai wanga uine yekutanga vhezheni ye Windows 10, zvimwe zvinhu zvingave zvakasiyana.

Shandisa controlled folder access

Microsoft ine hanya zvakakwana nezve ransomware kuti vakavaka chishandiso chiri nyore-kugadzirisa-anti-ransomware zvakananga mukati Windows 10 uye Windows 11. Inonzi Inodzorwa Folder Access, inokudzivirira nekubvumira chete yakachengeteka uye yakazara vetted mapurogiramu kuti uwane mafaera ako. Kupfuura kweasingazivikanwe maapplication kana anozivikanwa malware kutyisidzira hakubvumidzwe.

Nekumisikidza, chimiro hachina kuvhurwa, saka kana iwe uchida kuzvidzivirira kubva kune ransomware, uchafanirwa kuiudza kuti itange kushanda. Iwe unogona kugadzirisa chaizvo mashandiro ayo nekuwedzera maapplication matsva kune whitelist yezvirongwa zvinokwanisa kuwana mafaera, uye nekuwedzera maforodha matsva kuwedzera kune maforodha aunochengetedza nekusarudzika.

Kuti uimhanye, iwe uchada kuwana kuWindows Security. Pane nzira dzinoverengeka dzekuiwana mune zvese Windows 10 uye Windows 11:

  • Dzvanya museve wekumusoro kuruboshwe rwebhara rebasa, wobva wadzvanya iyo Windows Security icon - nhovo.
  • Dzvanya Tanga > Zvirongwa Kuti uvhure Settings app, wobva wasarudza Gadziridza & Chengetedzo> Windows Kuchengetedzwa In Windows 10 kana Chakavanzika & Chengetedzo> Windows Kuchengetedzwa MuWindows 11.
  • Shandisa Windows kutsvaga. In Windows 10, bhokisi rekutsvaga riri mubhara rebasa padyo nebhatani reKutanga. In Windows 11, tinya chiratidzo chekutsvaga pane chebasa kuti uvhure pane yekutsvaga. Type windows kuchengetedza mubhokisi rekutsvaga rinotevera wosarudza Windows Security yezvabuda.

MuWindows Security, sarudza Dziviriro kubva kumavhairasi uye njodzi . Skira pasi kune iyo Ransomware Dziviriro chikamu uye tinya Ransomware Dziviriro Dhipatimendi . Kubva pachiratidziro chinoonekwa, pasi peKudzora Folder Access, shandura switch kuti basa . Iwe uchagamuchira nekukurumidza uchibvunza kana iwe uchida kuita shanduko. Dzvanya "Ehe" .

Toggle button to toggle basa Kuti ubatidze kupinda kunodzorwa kuforodha. (Dzvanya pamufananidzo kuti ukudze).

Haufanire kuzvisiya zvakadaro uye unzwe wakachengeteka parizvino, nekuti pane mukana wekuti une maforodha aunoda kuchengetedza uye ficha inoafuratira. By default, inodzivirira Windows system maforodha (uye maforodha ari pazasi pawo) seC:\Vashandisi\ UserName \ Zvinyorwa , kupi UserName Ndiyo yako Windows username. Kuwedzera kune Zvinyorwa, Windows system maforodha anosanganisira Desktop, Mimhanzi, Mifananidzo, uye Vhidhiyo.

Asi mamwe maforodha ako ese ari mutambo wakanaka kune chero ransomware inoita nzira yayo kumakombuta yako. Saka kana iwe ukashandisa Microsoft's OneDrive Cloud kuchengetedza, semuenzaniso, chero OneDrive maforodha uye mafaera pakombuta yako haana kuchengetedzwa. Tichifunga nezveMicrosoft iri kuyedza kuendesa munhu wese kuOneDrive, ndiko kusiiwa kunokatyamadza.

Kuti uwedzere maforodha aunoda kuchengetedza, tinya pane chinongedzo Mafolda akachengetedzwa inooneka mushure mekunge wabatidza Controlled Folder Access. Kuchimbidza kunoonekwa kuchibvunza kana iwe uchida kuita shanduko. Dzvanya "Ehe" . Baya bhatani wedzera folda yakachengetedzwa" pamusoro peiyo rondedzero yemafolda akachengetedzwa anooneka, ipapo kubva pachiratidziro chinoratidzika kune folda yaunoda kuchengetedza uye tinya. "sarudza folda" .

Dzvanya Wedzera folda yakachengetedzwa Dzivirira mamwe maforodha ako ane controlled folder access. (Dzvanya pamufananidzo kuti ukudze).

Ramba uchiwedzera mafolda nenzira iyi. Rangarira kuti kana iwe ukawedzera folda, ese maforodha pasi payo anodzivirirwa zvakare. Saka kana iwe ukawedzera OneDrive, semuenzaniso, hapana chikonzero chekuwedzera ese maforodha pasi payo.

(Cherechedza: Zvichienderana neshanduro yako yeOneDrive, unogona kukwanisa kudzoreredza mafaira eOneDrive, kunyangwe ukasaadzora nekupinda muControlled Folder. Kuti uwane rumwe ruzivo, ona zvinyorwa zveMicrosoft" Dzora mafaera akadzimwa kana maforodha muOneDrive . ")

Kana chero nguva iwe ukafunga kubvisa folda, dzokera kune Yakachengetedzwa Folders skrini, tora iyo folda yaunoda kubvisa, wobva wabaya. Kubvisa . Ziva kuti hauzokwanisa kubvisa chero akachengetedzwa Windows system maforodha kana chimiro chabatidzwa. Iwe unogona chete kubvisa izvo zvawawedzera.

Microsoft inosarudza kuti ndeapi maapplication anofanira kubvumidzwa kuwana akachengetedzwa maforodha, uye zvisingashamisi pakati pawo pane Microsoft Office. Microsoft haisati yaburitsa runyoro rwemaapplication anotenderwa, saka funga kutora matanho kubvumidza maapplication aunovimba kuti awane mafaera ako.

Kuti uite izvi, dzokera kuchiratidziro kwawakabatidza Inodzorwa Folder Kupinda wobva wadzvanya Bvumira anwendu kuti ive nekutonga kupinda kune folda . Kuchimbidza kunoonekwa kuchibvunza kana iwe uchida kuita shanduko. Dzvanya "Ehe" . Kubva pahwindo rinoonekwa, tora Kuwedzera app kunobvumirwa , famba uchienda kufaira rechirongwa chaunoda kuwedzera, wobva wadzvanya kuvhura , wobva wasimbisa kuti unoda kuwedzera faira. Sekuwedzera maforodha kune rondedzero yemafolda akachengetedzwa, unogona kubvisa application nekudzokera kuchiratidziri ichi, uchidzvanya pane application yaunoda kubvisa, wobva wadzvanya. Kubvisa .

Zano: Kana usiri chokwadi kuti mafaera anoteedzeka ezvirongwa zvaunoda kuwedzera kune whitelist aripi, tsvaga zita refolda rine zita rechirongwa muWindowsProgram Files kana WindowsProgram Files (x86) folders. , wobva watsvaga chinoitwa muchikamu ichocho.

Ita backup...asi ita nemazvo

Iyo yese poindi ye ransomware ndeye kubata mafaera ako kusvika wabhadhara kuti uvhure. Saka imwe yedzakanakisa nzira dzekudzivirira rudzikinuro ndeyekudzosera mafaera ako. Nenzira iyi, hapana chikonzero chekubhadhara rudzikinuro, nekuti unogona kudzoreredza mafaera ako nyore kubva kubhegi.

Asi kana zvasvika kune ransomware, haasi ese ma backups anogadzirwa akaenzana. Iwe unofanirwa kungwarira pakusarudza iyo chaiyo backup tekinoroji uye sevhisi. Ipfungwa yakanaka kushandisa cloud storage uye backup service pane kungo tsigira ku drive yakabatana pakombuta yako. Kana iwe ukachengetedza kudhiraivha yakabatana nekombuta yako, kana komputa yako yatapukirwa neransomware, iyo backup drive inogona kunge yakavharirwa pamwe chete nemamwe madhisiki mukati kana akabatana nekombuta yako.

Ita shuwa kuti yako-yakavakirwa gore-yakavakirwa kuchengetedza uye backup inoshandisa vhezheni - ndiko kuti, inochengeta kwete chete yazvino vhezheni yeimwe neimwe yemafaira ako, asi yapfuura vhezheni zvakare. Nenzira iyi, kana iyo yazvino vhezheni yemafaira ako ikabatwa, unogona kudzoreredza kubva kune dzakapfuura shanduro.

Mazhinji backup uye masevhisi ekuchengetedza, anosanganisira Microsoft OneDrive, Google Drive, Carbonite, Dropbox, uye mamwe akawanda, shandisa iyo vhezheni. Ipfungwa yakanaka kujairana neshanduro yemhando yechero sevhisi yauri kushandisa izvozvi, saka unogona kudzoreredza mafaera zviri nyore mujiffy.


Microsoft Shoko rinoshandisa OneDrive's shanduro yekugona mune yayo vhezheni nhoroondo chimiro. (Dzvanya pamufananidzo kuti ukudze).

Wana mahara ransomware dziviriro

Chero anti-malware chirongwa chinosanganisira yakavakirwa-mu-anti-ransomware dziviriro, asi kune akawanda mapurogiramu anovimbisa kunyatso kunanga ransomware. Dzakawanda dzadzo dzinobhadharwa, asi kune zvakare dzimwe dzemahara sarudzo, senge dzandinonyora pano.

Bitdefender inopa Yemahara decryption zvishandiso zvinogona kuvhura data rako Kana iwe ukarwiswa ne ransomware uye rudzikinuro runochengetwa. Ivo vanogona chete decrypt data yakavharidzirwa vachishandisa zvimwe zvikamu kana mhuri dzerudzikinuro, zvinosanganisira REvil/Sodinokibi, DarkSide, MaMoCrypt, WannaRen, nevamwe vazhinji. Kaspersky inopa chirongwa Anti-ransomware yemahara Kune vese vashandisi vepamba nebhizinesi, kunyangwe paine zvirambidzo pahuwandu hwemidziyo yaunogona kushandisa pairi.

gara wakarurama

Microsoft inogara ichiburitsa zvigamba zvekuchengetedza Windows 10 uye Windows 11, uye anoiswa otomatiki kuburikidza neWindows Update. Asi kana iwe ukanzwa nezve ransomware kubuda, usamirire Windows Update kuti iite - iwe unofanirwa kuwana iyo yekuvandudza ipapo ipapo kuti uchengetedzwe ASAP. Uye hazvisi zveWindows zvigadziriso zvauri kuda kuwana. Iwe zvakare unoda kuve nechokwadi chekuti Windows Security, Microsoft yakavakirwa-mukati-anti-malware chishandiso, ine yazvino anti-malware tsananguro.

Kuita zvese mukati Windows 10, enda ku Zvirongwa> Kwidziridzo & Chengetedzo> Windows Kwidziridzo uye tinya bhatani re Tarisa uone zvekuvandudzwa . In Windows 11, enda ku Zvirongwa> Windows Update uye tinya bhatani re Tarisa uone zvekuvandudzwa . (Kana zvigadziriso zvakatokumirira iwe, unovaona vakanyorwa pane bhatani Tarisa uone zvekuvandudzwa .) Kana Windows ikawana zvigadziriso, inodziisa. Kana ichida kutangazve, ichakuudza.

 

Kwete chete iwe unofanirwa kunetseka nezve Windows kugara yakasungwa, asi mamwe mapurogiramu zvakare. Kana iwe ukashandisa anti-malware software kunze kweWindows Security, ita shuwa kuti uye tsananguro dzayo dzemalware dzasvika.

Mamwe software ari pakombuta yako anofanirawo kuvandudzwa. Saka tarisa kuti software yega yega inogadziridzwa sei uye ita shuwa kuti chikamu chimwe nechimwe chinogadziridzwa nguva nenguva.

Dzima Macros muMicrosoft Office

Ransomware inogona kupararira Via Macros muHofisi Mafaira , saka unofanira kuidzima kuti ive yakachengeteka. Microsoft ikozvino inoidzima nekukasira, asi hazvireve kuti yakadzimwa mushanduro yako yeHofisi, zvichienderana nekuti wakaiisa rinhi uye kuti wakaigadziridza. Kuti uidzima, kana uri muOffice app, sarudza Faira> Sarudzo> Trust Center> Trust Center Settings uye sarudza chero Dzima macros ese ekuzivisa أو Dzima macros ese pasina chiziviso . Kana iwe ukavadzima nechiziviso, kana iwe ukavhura iyo faira, iwe unowana yambiro meseji yekuti macros akaremara uye achikubvumidza kuti umhanye. Imhanye chete kana uine chokwadi chekuti inobva kune yakachengeteka uye yakavimbika sosi.

 

Zvinodiwa nedhipatimendi rako reIT nezve ransomware neWindows

Pane zvakawanda izvo IT inogona kuita kuchengetedza makambani asina ransomware. Zvinonyanya kujeka: shandisa zvigamba zvekuchengetedza zvazvino kwete kumakomputa ese ari mubhizinesi, asi kune ese maseva uye chero mimwe michina padanho rebhizinesi.

Aya angori mavambo. Dhipatimendi rako reIT rinoda kudzima SMB1 Windows networking protocol inozivikanwa kusachengeteka. Multiple ransomware kurwisa kwakapararira pamusoro peiyo 30-yemakore protocol; Kunyangwe Microsoft inoti hapana munhu anofanirwa kuishandisa.

Nhau dzakanaka ndedzekuti Windows 1709 vhezheni 10, yakaburitswa muna Gumiguru 2017, pakupedzisira yakabvisa SMB1. (Haisi mukati Windows 11 kana.) Asi izvo chete zvemakomputa ane kugadzwa kwakachena kweshanduro 1709 kana gare gare, kusanganisira itsva dzakabuda. Makomputa ekare akagadziridzwa kubva kushanduro dzakapfuura dzeWindows achine yakavakirwa-mukati protocol.

Kune nzvimbo dzakati wandei dhipatimendi rako reIT rinogona kuenda kunotsvaga rubatsiro kuidzima. Nzvimbo yakanaka yekutanga Chengetedzo Dzakanakisa Dzidziso Gwaro reMabhizinesi Madiki uye Epakati Kubva kuUS-CERT, inoshandiswa neUS Department of Homeland Security. Inokurudzira kudzima SMB1, ipapo "kuvharira mavhezheni ese eSMB pamiganhu yetiweki nekuvharira TCP port 445 ine zvinoenderana nemaprotocol paUDP ports 137-138 uye TCP port 139, yemidziyo yese yemuganhu."

Advance Microsoft Support chinyorwa ” Maitiro ekuona, kugonesa uye kudzima SMBv1, SMBv2, uye SMBv3 muWindows Tsanangudzo yekuti ungadzima sei protocol. Inokurudzira kuuraya SMB1 uchichengeta SMB2 uye SMB3 ichishanda, uye kungovamisa kuti vagadzirise kwechinguvana. Kuti uwane ruzivo rwazvino, rwakadzama nezve kudzima SMB1, enda kuMicrosoft TechNet chinyorwa ” Dzima SMB v1 munzvimbo dzakagadziriswa uchishandisa Group Policy . "

Vatongi vanogona kushandisa Controlled Folder Access (yakurukurwa pakutanga muchinyorwa chino) kumisa ransomware kubva pakunyorera mafaera nemaforodha pamakomputa ane Windows 11 kana Windows 10 vhezheni 1709 kana gare gare. Vanogona kushandisa Group Policy Management Console, Windows Security Center, kana PowerShell kuvhura inodzorwa folda kuwana yevashandisi panetiweki, gadzirisa kuti ndeapi maforodha ekuchengetedza, uye kubvumira mamwe maapplication kuwana mafolda kunze kweMicrosoft default marongero. Kuti uwane mirairo, enda kuchinyorwa cheMicrosoft" Gonesa kupinda kunodzorwa kuforodha “kuibatidza, uye ku” Gadzirisa Kunodzorwa Kupinda kune Folder Gadzirisa kuti ndeapi maforodha ekuchengetedza uye ndeapi maapplication ekubvumidza traffic.

Rimwe dambudziko rinogona kuitika nekudzora kupinda kwefolda nderekuti rinogona kuvhara maapplication anowanzo shandiswa nevashandisi kubva pakuwana maforodha. Saka Microsoft inokurudzira kushandisa maitiro ekuongorora kutanga, kuti uone zvichaitika paunobatidza Folder Access Control. Kuti uwane ruzivo rwekuita izvi, enda kuRugwaro. Shandisa Kudzivirirwa Kuongorora Kubva kuMicrosoft.

Sezvambotaurwa pamusoro, Office macros inogona kuparadzira ransomware. Microsoft ikozvino inovhara macros akatorwa kubva paInternet nekukasira, asi kuti ive yakachengeteka, IT inofanirwa kushandisa Group Policy kuvavharira. Kuti uwane mazano ekuita izvi, enda ku " Vimba kumhanya macros muHofisi mafaera kubva paInternet MuMicrosoft zvinyorwa Macros ichavharwa kubva paInternet nekusarudzika muHofisi "uye ku" Kubatsira vashandisi kugara vakachengeteka: Vhara internet macros nekukasira mune positi Office Blog".

izwi rekupedzisira

Nhau dzakanaka mune zvese izvi: Windows 10 uye Windows 11 vane chaiwo anti-ransomware maficha akavakwa mukati. Tevedza matipi atakatsanangura pano kudzivirira kutyisidzira kweransomware.

Related posts
Budisa chinyorwa pa

Wedzera chirevo