Home / Windows 10

Securing Windows 10

Computer attacks continue to increase in number and severity each year. And while the big data breaches-the loss of millions of credit card numbers from a major retailer or the loss of millions of personnel records from the U.S. government-command the most media attention, don't think that the bad guys wouldn't like to get into your computer too. Whether it's to steal your valuable personal data, appropriate your computing resources and bandwidth, or use your PC as a pathway into a bigger target with whom you do business, there are plenty of actors with bad intent.

According to the 2015 Internet Security Threat Report, published by Symantec, 60 percent of all targeted attacks struck small and medium-sized organizations. Like individuals, these organizations often don't have the resources to invest in security-making them juicy targets.

In this tutorial, we examine the types of threats you're likely to face at home and at work. More importantly, we describe some of the more significant security improvements made in Windows 10-many of which are in layers you can't see, such as hardware-based protection that operates before Windows loads. Then we explain how to use the more visible security features, including Windows Firewall, User Account Control, BitLocker, and Windows Defender.

Understanding security threats

A decade ago, the threat landscape for Windows users was dominated by viruses and worms. Ah, for the good old days! The modern threat landscape is much more complex and, unfortunately, more insidious. Today, an attacker is likely to be part of an organized crime ring, not an attention-seeking vandal, and attacks are typically designed to go unnoticed for as long as possible.

A rogue program, installed without your knowledge and running without your awareness, can perform malicious tasks and transfer data without your consent. This category of software is often referred to as malware.

The goal of the bad guys is to get you to run their software. They might, for example, convince you to install a Trojan-a program that appears legitimate but actually performs malicious actions when it's installed. This category of malware doesn't spread on its own but instead uses social engineering (often using popular social networking sites such as Facebook and Twitter) to convince its victims to cooperate in the installation process. As part of its payload, a Trojan can include a downloader that installs additional malicious and unwanted programs. Some Trojans install a "backdoor" that allows an outside attacker to remotely control the infected computer.

What's in it for the bad guys? Money, mostly, gathered in a variety of ways, depending on how the attackers got through your defenses.

A password stealer runs in the background, gathers user names and passwords, and forwards them to an outside attacker. The stolen credentials can then be used to make purchases, clean out bank accounts, or commit identity theft.

Bad guys prey on fear with rogue security software (also known as scareware), which mimics the actions and appearance of legitimate antivirus software. If you install one of these programs, it inevitably reports the presence of a (nonexistent) virus and offers to remove it-for a fee, of course.

In 2015, the fastest rising star in the malware hall of shame is ransomware, a form of digital blackmail in which a program encrypts all your data files and offers to unlock them only upon payment of a ransom.

Phishing attacks, which use social engineering to convince visitors to give away their sign-in credentials, are a separate but potentially devastating avenue to identity theft that can strike in any browser using any operating system.

You can review lists of current malware threats, along with links to details about each one, at the Microsoft Malware Protection Center. For a more comprehensive view of the changing threat landscape, the Microsoft Malware Protection Center issues a twice-yearly report, using data from hundreds of millions of Windows users and other sources.