Bitdefender Anti-Ransomware?
The latest free Bitdefender Anti-Ransomware, which was released very recently, protects against 3 ransomware families – Locky, TeslaCrypt, and CTB-Locker. However, considering there are currently more than 50 different known ransomware families, this is far from full protection. Even though the 3 covered by Bitdefender Anti-Ransomware are among the most common, 3 out of a possible 50+ certainly does not represent good odds.
Furthermore, the consensus among experts is that the technique employed by Bitdefender Anti-Ransomware, which fools the ransomware into believing the system is already infected, should not be too difficult to overcome and there is every chance that ransomware developers will soon enough be peddling new variants which are able to defeat the program’s defense mechanism.
What the Experts are Saying
Here are excerpts from several reports discussing Bitdefender’s new anti-ransomware tool:
- The downside is that the tool [Bitdefender Anti-Ransomware] can only fool certain ransomware families and is not guaranteed to work indefinitely. Therefore, it’s best for users to take all the common precautions to prevent infections in the first place and to view the tool only as a last layer of defense that might save them in case everything else fails. <source: PCWorld>
- It should be clear from this that Bitdefender Anti-Ransomware does not protect against all ransomware attacks. Trend Micro lists dozens of ransomware families on its website for instance, and one question that you will have to ask yourself is whether it makes sense to run the program on your machine. <source: gHacks>
- Bitdefender’s newest tool covers more versions of ransomware than before, but it is not an absolute remedy or outright prevention tool, either. Ransomware has been twisting into new shapes in recent times. This means this new anti-ransomware vaccine shouldn’t be considered a long-term solution as more advanced threats may emerge sooner rather than later. <source: Digital Trends>
Some might say that at least this is better than nothing. However, I would argue quite the opposite. My primary concern is that these types of band aid solutions tend to lull users into a false sense of security and perhaps take risks that they would not and should not otherwise take.
The fact of the matter is that none of the currently available free anti-ransomware solutions provide adequate protection. If you want proper ransomware protection, you’ll need to fork out for a reputable premium anti-virus solution or a dedicated premium anti-ransomware program such as WinAntiRansom Plus (which, in my opinion, provides the best overall protection at the best possible value).
What is the Best Free Ransomware Protection
Personal data backups, system image backups, create them regularly and often. Bear in mind too, now that ransomware is becoming more sophisticated and affecting not only system drives but also connected USB drives and network drives, you should either store your backups on external drives which are largely disconnected (i.e. connected only during the backup process) or encrypt your backups and store in the cloud.
With the advent of the very easy to use and free Aomei Backupper Standard there is no longer any excuse not to backup and, at the same time, you’ll be affording yourself what is undoubtedly the most effective method for overcoming ransomware infections.
Consider the following scenario: your system becomes infected with one of the nasty ransomware variants demanding a [say] $400.00 ransom. But wait, you created a full system backup including all your personal data just a few days ago, before the infection. Within around 20 minutes or so, you’ve restored the image and are up and running again, all files accessible and completely ransomware free. Now consider the same scenario… only this time minus any backups.
—
Jim, thanks for this extremely informative article. I subscribe to the newsletter you referred to, and in fact just read it yesterday. I had earmarked it for further action, but had yet to do anything. I am SO glad I read your post this AM, and am off to do yet another full backup. I use Acronis as I paid for it last year, for 3 computers. So mine and my wife’s will be done today. Again, thanks for adding valuable insight, but more for getting me off my butt and actually doing my full system images for my own protection.
Good on you Ralph! Acronis is not only a great software but also an excellent investment, a heck of a lot less expensive than paying a $400-$500 ransom or having to pay a professional to fix a badly infected or broken system.
.
I agree 100% with your assessment Jim. At the time I bought Acronis, it seemed lik a small investment for peace of mind. I am now aware of the many free B/U options that you have suggested. I must say I value your articles that you freely post, I have learned so much.
I had issues with WinAntiRansom so uninstalled it, but may try it again, on one of my machines.
The promised new policy-based CryptoPrevent 8 so far is not forthcoming, and MalwareBytes Anti-Ransomware is still in beta.
Offline images are indeed the solution if one does accidentally get infected. Btw I have Aomei Backupper Pro, but still prefer Macrium Reflect (even Free) for reliability.
My backup USB’s are permanently connected (but protected by sadly discontinued Secure Folders in read-only mode except for allowed Macrium), but I copy my images offline also.
What were the issues?
I also have Aomei’s Pro version and have had zero problems with reliability/restoration to date. Have restored around 8 images so far, mainly for clients, all restored perfectly. Maybe you are confusing reliability with trust? 🙂
Hi Jim
Re WAR issues: PC became unresponsive; I didn’t bother to troubleshoot – just restored from image.
Re Aomei PRO: I have found a) scheduled backups sometimes don’t run, or do run but emails are not sent and b) backup with scheme (some schemes) don’t always work as expected e.g. Space Management Scheme at default settings. c) On editing a backup, sometimes my password has been ‘lost’, and I need to recreate it.
Btw , always look forward to your articles.
Interesting!!
I have WAR installed on 3 different systems with no noticeable slow-downs at all. Task Manager in Win 10 shows WAR consuming zero CPU and only around 37MB RAM. Maybe some kind of conflict on your system.
I don’t use the features you mention in Aomei Backupper Pro at all so really can’t comment. However, as far as image backup integrity and reliability is concerned, I’ve found it to be spot on.
Thanks for the additional info, appreciated.
Jim, here’s an interesting exert, Mindblower!
“But Malwarebytes proactively protected its millions of customers from this attack, blocking the ransomware before it could encrypt files.
As a precaution, we suggest you update your Adobe Flash Player (Shockwave Flash Plugin). In addition, we urge you to consider installing both Malwarebytes Anti-Exploit Premium and Malwarebytes Anti-Malware Premium for the layered protection that stops attacks like this from infecting your computer. Malwarebytes Anti-Exploit Premium blocks the exploit attempt, while Malwarebytes Anti-Malware Premium stops the ransomware execution (if Malwarebytes Anti-Exploit Premium is not installed). “
Jim, You, I, and the many who read your posts are the least likely to fall prey to these crooks. I feel for the billions of users around the world who have no or little actual computer knowledge. Also, they are the people least likely to backup. Of the people I support, a few have lost EVERYTHING because of bad habits and not heeding warnings I have given. Even after a disaster they fall back on their old ways within a short time. One even considers it normal to have to start from scratch from time to time. This person I charge for setting up their computer. 🙂 First time is free.
Excellent points Tom. Education is key and that’s why we here at DCT are always exhorting readers to backup, backup, backup. However, as you so rightly point out, we can’t force people to read or heed our advice.
Thanks for your input here, appreciated.
Thank you! Read your news letter faithfully, loaded with good info!
What about programs that whitelist rather than blacklist. If it does not match known good program it cannot load. Period. Everyone seems to think that blacklist is most beneficial but I subscribe that if it cannot be validated to start with then I have a better chance to be ransomware free. I am will to validate a program and not need instant “gratification” if it keeps me free of these issues.
I agree that Bitdefender AntiRansomware has substantial limitations (and, in fact, might not even be long useful); however, it is free, automatically incorporated for subscribers, and – most importantly – very extensively documented in derivation, operation, limitations, etc and followed by numerous professional security websites; certainly, the manufacturer does not oversell the capabilities. I could say much the same about HitmanPro products, CryptoPrevent, etc. On the other hand, I would welcome a reason to purchase your favored WinAntiRansomPlus – and to expect it to actually work more completely. I might have missed an article, but I saw little more in your review than that you always liked those guys, the software had layers, and they offered you a 20% discount. Do you actually have a full review with any testing and technical exegesis of the functioning of its layers?
Okay, so in your own words “Bitdefender Anti-Ransomware has substantial limitations (and, in fact, might not even be long useful)”, but none of that matters because it’s free and well documented. Seriously!?
It was stated clearly in the WinAntiRansom article that it was NOT a review, I quote from the article… “I’m not actually reviewing this product, more just making you aware of it.” Apparently, you’ve never heard of Bill Pytlovany or WinPatrol?
Have you ever actually considered researching for yourself, there are plenty of independent reviews/tests available:
https://www.youtube.com/watch?v=nsacrHzUYrY
https://www.youtube.com/watch?v=equvK65PakY&nohtml5=False
hehehe!
Hi Jim,
Bill Pytlovany is now fully retired from WinPatrol, having sold the company to Ruiware in 2014; Scotty’s master is now Bret Lowry – http://billpstudios.blogspot.com/2014/06/winpatrol-generation-ii.html .
Cheers,
AJ
Hi AJ – Yes, I am well aware of that mate, just introducing a little of the history. 🙂
I have kept all important files offline for years. I do need to keep some DOC, JPG, etc files on the PC so I keep them in a folder that is encrypted and requires a PW just to access and on a drive I must mount when I need to. Otherwise, I’ve been using HitManPro for years and even in a recent KnowBe4 ransomware sim test, with it turned off, all 10 ransomeware tests was able to do it’s deeds even with 360 security, zonealarm and Nortons running. With it on, Ransomeware could not do any damage. I’ve had other primary duties over the years but have been on computers since the timex sinclar days. Cut my teeth on TI99’s and on. I’ve have a few certs but over 35+ years of IT experience with my hands in Basic, Dos, every flaver of windows including NT, OS2, Linux -various flavors, CTOS and BTOS (Unisys platforms – military 20 years) . I like to think of myself as a jack of all trades and a master of a few but not all :-). Good write up. Thanks.