The fact of the matter is that most cyber extortion malware requires administrator privileges just to launch and embed itself in a system. If you reduce a user’s privilege to standard user, ransomware that tries to install a persistent presence is generally thwarted because it does not have the privileges to install files, drivers, or even access the registry unless it leverages an exploit to escalate privileges. This is a sound mitigation strategy for the vast majority of malware that needs to own a system in order to begin infecting files for ransomware and cyber extortion threats.