Windows 10 is SAFE! Right?

CNET recommends adding a layer of malware protection. How to Geek (as well as TNW Creations) suggests silmultaneously running Malwarebytes alongside Windows Defender.

But that's still not the complete, steel armor getup that TNW Creations prefers. We use multiple security programs. If you asked us, we collect security suites like Pokemon (or baseball cards, if you prefer).

Keep in mind you cannot have all security programs live at one time or you will receive false positives. But having 2 antivirus and an antimalware program alongside Win Defender is a great way to protect yourself. Should you feel like you may have experienced a breach, open one of your other security programs and scan. See if it picks up something the main program did not.

This picture above shows network activity on a Windows 10 system girded with both Windows Defender and McAfee Antivirus in February 2020.

The system was infected while visiting a non-profit website built with WordPress that had been hacked.

The hacked website automatically downloaded malware onto the Windows 10 system that was fully updated and should have been protected. McAfee Antivirus software immediately recognized the malicious download but beyond that was helpless to stop it. As the software began corrupting the system, the security programs were made useless, displaying gibberish content, unusual dates and not updating or protecting.

The computer had been compromised. Restore settings were wiped, partitions had been created, registry keys were edited, command prompt windows were opening remotely, the system kept enabling blue tooth and allowing a mass storage device to connect remotely. And a beacon was reaching out to the hackers, displaying the network IP like a buffet to gorge from. Eventually the router was hacked. And the breach blazed through the network like a grassfire in Texas on a hot dry August day. Effectively infecting every device and system on that local network.

Methodically, the hackers attempted entry, breaching point after point. When TNW Creations acted, we shut down the network, monitored it, ran our security programs which included ESET, Malwarebytes, Spybot, Webroot and even then... were unable to stop the cyber attack until we wiped all of the systems... three times. Because of the additional partitions, the malware was hiding. Reinstalling Windows 10 was attempted twice, before we used a live version of Linux and zeroed each hard drive. Finally after 14 days, working tirelessly, monitoring, wiping, cleaning, installing, running and replacing hardware including the router and several peripherals... the network was clean.

However, one of the devices on this network surprised us. An Xbox 360 console with wifi adapter tucked away and forgotten had been corrupted and was being used as a beacon as well. The console should have been scrapped years earlier as Microsoft had stopped supporting it.

There are multiple lessons to learn from this scenario.

Never use outdated software (operating systems, programs, security, mobile, etc)
Never use outdated hardware (routers, consoles, pcs, webcams, printers, etc)
Don't expect Windows Defender to be all you need to protect yourself. Even having a security program like McAfee or ESET did not stop the sophisticated cyber attack this network experienced.
Always monitor your network activity for suspicious connections.
Always keep your operating system and software programs up to date!
Have an antimalware program AND 2 antivirus programs on your system at all times. Only keep one antivirus active at a time.
Scan regularly.
If you visit a website that appears to look unusual, is displaying content that does not look right or is only showing lines or a blank page. DO. NOT. CLICK. ANYWHERE ON THAT SITE. And run your antivirus and malware scans immediately after closing your browser.

Windows 10 is SAFE enough! Right?

www.tnwcreations.com