If your PC is infected with ransomware, it will spread from one file to another, encrypting them until you pay the bad ones for the digital key. But ransomware can also spread to your files stored in the cloud, and that’s why Microsoft’s new OneDrive protections are designed.
On Thursday, Microsoft announced the ability to “roll back” the files stored in OneDrive to the versions stored until a month ago, to help it get back to a point before it became infected with malware. The company also said it will use its automated threat detection systems to discover when the ransomware started infecting those files and alert it through its phone that an infection has occurred.
Microsoft announced additional protections to share and read files stored in OneDrive and email through Outlook.com, the version of Outlook based on the web, including encrypted email. The capture? You will have to subscribe to Office 365, the Microsoft subscription service that also includes access to PowerPoint, Excel, Word and the other Office applications. Outlook protections are not yet available for the Office 365 version of Outlook.
“With the growing presence and sophistication of online threats such as viruses, ransomware and phishing scams, it is increasingly important to have the right protection and tools to help protect your devices, personal information and files from being compromised,” Kirk said. Koenigsbauer, the company’s vice president of Office, wrote in a blog post.
What this means for you: although smart browsing and other good Internet practices are your first defense against malware, including ransomware, it happens. And if ransomware infects your PC, it tries to infect other PCs in your network, including persistent connections to cloud storage. Deleting all your files and updating your PC would be an attractive solution, if it did not mean losing all your files. Microsoft is launching OneDrive as a solution: load all your critical files now, before your PC gets infected. Even if the OneDrive store gets infected, you can access a previous uninfected version.
Cloud protections in place
What’s new is that Microsoft has adapted its File Restore capability, previously only for OneDrive for Business, and has incorporated it into Office 365 subscriptions for home users. Microsoft will not only detect an attack, but you will be notified by any channel that Microsoft would normally use to send you messages: email, a popup notification and more.
Then, you can enter OneDrive and essentially “go back” to a previous day. You’ll want to choose a day before Microsoft warns you about the attack, of course.
Office 365 prevents forwarding
For added security, you can now block the forwarding of emails sent from Outlook.com.
Microsoft has also taken security in Outlook one step further: you can now protect links to folders or files with a password. That’s useful: before, there really was no real way to protect the links to files or folders so nobody would share them with anyone. Both ransomware detection and link protection are available as of Thursday, Microsoft said.
If you’re worried about the links being forwarded, Microsoft has also begun to address that. In Outlook.com, you now have the option to encrypt a file or prevent it from being forwarded, or both simultaneously.
It is not clear how well Microsoft has secured files in Outlook versus, say, PGP, but Microsoft says it will be able to encrypt a file sent through Outlook.com, and then read it in Outlook for iOS / Android or the Windows mail application . (Microsoft does not maintain encryption if it responds to that email or creates one of those other applications.) If you enable the forwarding prevention option, Microsoft will also encrypt email, as well as any Microsoft Office. documents that you have attached
Password-protected sharing links, email encryption and forwarding prevention will begin to be implemented in the coming weeks, Microsoft said.
Microsoft added that, later this year, it will begin to automatically verify links within Word, Excel or PowerPoint. If that link is linked to a suspicious site, it will be marked. Outlook.com already sniffs its links of potential malware.
originally posted here: https://www.pcworld.com/article/3268016/security/microsoft-adds-ransomware-protections-to-onedrive-and-outlookcom.html