...yup. You read that right. And we're going to talk about it

Hi. I'm Jon Fedor and this is InCyber Regular, edition 14. I love helping people live more digitally-secure lives. Like love it. The kind of love like when you hear that custom ringtone on your phone from a person who means a lot to you.

At InCyber I talk about cyber-related issues and security-awareness for smaller enterprises, the cyber-curious, and the security-conscious. I'm trying to write Matrix code so you can stop security bullets like Neo. (I reused that line because I like it).

Today:

1. Russian keyboards decrease ransomeware vulnerabilities
2. VITAL protection in Windows 10 (you've got to turn it on)
3. Aaaaand a super quick (funny) word on passwords

Last week today

I wrote last week about the Colonial Pipeline ransomeware attack and this one weird trick that, 1. seems to be well-known in niche pockets (new band name, I called it) of the infosec community and that, 2. is really effective at protecting against your machine becoming a target for ransomware attack.

Spoiler alert. That weird trick is to install a Russian (or other Cyrillic language) keyboard on your machine.

Brian Krebs tweeted about this last week, I wrote about it, and now Brian's waded into this murky lagoon even further with his own article.

The important gist of the story is that installing a Russian keyboard on your machine is all upside and zero downside. A very large number, though it's impossible to know how large, of malware and ransomware packages that exist on the market right now have exclusions built into them for machines that have a Cyrillic language keyboard installed.

Why? Well, who wants to poop where they eat?

If you have time and want to learn more, Brian Kreb's piece on this is really good (and the comments section is really bad...all about how switching to Linux is the one and only option yada yada yada).

Windows 10 and ransomware protection

Windows 10 has some fairly robust protections built natively into the operating system to hedge against ransomware. That's probably not too much of a surprise but it is good know.

Microsoft's beefed Windows Defender and launched a native security feature specific to protecting certain directories and file types from getting locked by third-party malware like ransomware.

Forbes released an article about this feature recently and you can read more about it here.

The feature works by whitelisting access to certain folders on your machine via controlled folder access.

If you hit the Windows key on your keyboard, search "ransomware protection", and then turn on controlled folder access, you'll be off to the races. Once configured, only trusted applications will be allowed to access the contents of these directories.

Your IT admins may, like mine, have turned off access to this feature for one reason or another in the course of managing your machine. But give this a shot. Again, it couldn't hurt to flip it on. And it could save you from getting third-degree burns on your butt if you don't.

But it's too hard...

xkcd did this EXCELLENT write up on Password Strength. Take a look.

It's tough to make a great password. Really. It is. But that shouldn't be a barrier or excuse.

This write-up makes a great point about the randomness and length variables that combine to make for a great password. You should try this for yourself! Go ahead. I'll wait.

Ok - you got it?

Now that you have a strong, memorable password, go download 1Password and start using it to generate friggin' STRONG passwords for the rest of your digital accounts across the entire internet.

Get 25% off for making the move to a password manager that will make you an upstanding, secure member of modern society. (Is that going too far?)

Thanks!

I love writing this thing for y'all and I want to keep doing it. And I want it to get better weekly. So let's make it happen already.

Have a good'un, Good Lookin'.

~Jon hack-the-bad-guys Fedor