What Is Ransomware?

Ransomware is a type of malware that encrypts the files on your computer, rendering them inaccessible. The attacker then demands a ransom payment — often in cryptocurrency — in exchange for the decryption key. If you don't pay, you may permanently lose access to your data.

Ransomware attacks have hit hospitals, schools, businesses, and everyday home users. No one is off the target list.

How Ransomware Gets Onto Your PC

Understanding the infection vectors helps you cut them off:

  • Phishing emails: Malicious attachments (PDF, Word, ZIP) or links that download the ransomware payload.
  • Drive-by downloads: Visiting a compromised website that silently downloads malware using browser vulnerabilities.
  • Malicious software: Cracked software, fake updates, or bundled installers from untrusted sources.
  • Remote Desktop Protocol (RDP) exploits: Attackers brute-force open RDP ports to gain direct access.
  • Network propagation: Once inside one machine, ransomware like WannaCry can spread across a local network.

What Happens During an Attack

  1. The malware executes and begins silently encrypting files (documents, photos, databases).
  2. It may disable backup software, shadow copies, and recovery tools.
  3. A ransom note appears — usually a text file or wallpaper change — with payment instructions.
  4. You're given a deadline, after which the ransom typically increases or the key is destroyed.

How to Protect Your Windows PC

1. Enable Controlled Folder Access

Windows 10 and 11 include a built-in ransomware protection feature called Controlled Folder Access. It blocks unauthorized apps from modifying protected folders like Documents and Pictures.

  • Go to Windows Security → Virus & Threat Protection → Ransomware Protection.
  • Toggle Controlled Folder Access to On.

2. Back Up Your Data — The Right Way

The most powerful ransomware defense is a backup that ransomware can't reach. Follow the 3-2-1 rule:

  • 3 copies of your data
  • 2 on different media types
  • 1 stored offsite (cloud or physical)

Crucially, disconnect or unmount your backup drive after use — ransomware will encrypt connected drives too.

3. Keep Everything Updated

WannaCry exploited a vulnerability that Microsoft had already patched. Users who hadn't applied updates were hit. Enable automatic updates for Windows and all third-party software.

4. Disable RDP If You Don't Use It

Remote Desktop Protocol is a common ransomware entry point. Go to Settings → System → Remote Desktop and turn it off unless you actively need it.

5. Use Email Caution

  • Never open unexpected attachments, even from known contacts.
  • Hover over links to preview their real destination before clicking.
  • Be suspicious of urgency-driven emails demanding immediate action.

What to Do If You're Infected

  • Disconnect immediately from the network to prevent spread.
  • Do not pay the ransom — payment doesn't guarantee file recovery and funds further attacks.
  • Check nomoreransom.org — a free resource with decryption tools for some ransomware families.
  • Report the attack to your national cybercrime authority.
  • Restore from a clean backup if one exists.

Final Thought

Ransomware is serious, but it's also largely preventable. Consistent backups, patched software, and a healthy skepticism toward unexpected emails and downloads will eliminate the vast majority of your risk.