We are wanting to utilize FSRM/etc for proactively protecting our file server from known ransomware extensions. The question I have, is with our known knowledge of Ransomware and File Servers, if the logic in the ransomware can't encrypt files because the extension combinations are blacklisted, will it CONTINUE and just start deleting everything?
Here are some resources we are looking at:
https://gallery.technet.microsoft.com/scriptcenter/Protect-your-File-Server-f3722fce (powershell script for FSRM)
https://www.reddit.com/r/sysadmin/comments/5vsz8u/do_you_use_fsrm_to_protect_your_windowsbased_file/ (updated list of ransomware)
If we block known ransomware extensions from our file servers, will ransomware still continue to delete even if it can't encrypt.