I have been recently reading about rise in ransomware attacks such as CryptXXX and I was curious about I can protect myself from such attacks. I have a Windows 10 x64 system. Some measures I took are
- Update Windows, Flash, Silverlight and my browsers to latest version
- Change Flash and Silverlight to "Ask to activate" and activate only if I simply cannot use a website without said plugins.
- I don't use the PDF viewer plugin by Adobe. I just use my browser's default PDF viewer
- I run Malwarebytes in on-demand mode, I scan my PC every week or so.
- I uninstalled Java
My next steps were either using a real-time antivirus program or switching to Linux. I don't want to invest in real-time antivirus because no matter what you say, they slow the system down a bit.
Now about switching to Linux, I believe it would provide more protection because I am not aware of any Linux ransomware attacks (that have not been defeated). But my system has OEM version of Windows with UEFI and thus I am not quite ready to make a jump to dual boot or Linux-only setup. My fear is getting back to Windows-only setup with all my data intact.
Hence, my middle ground would be using Linux in Virtualbox on Windows for all my web surfing (which is the way I believe these ransomwares get to you). But I would still be tunneling my network traffic through Windows because I will be using a VM. Also, I would have to create a shared directory to be able to access the files I download on the VM on Windows.
In this scenario, am I enhancing my security against ransomware or am I still squallyequally susceptible as browsing on my Windows system?
