This website uses cookies to enhance your browsing experience. Please note that by continuing to use this site you consent to the terms of our Privacy Notice.


Prevent Ransomware
The New Endpoint Epidemic

CrowdStrike Falcon™ and Ransomware

Cloud-delivered endpoint protection that stops online extortion



CrowdStrike Falcon Intelligence™ identified a new variant of Windows ransomware, named Wana or WannaCry, that is rapidly spreading across multiple countries and was widely reported as an attack on England’s National Health Service (NHS). WannaCry ransomware is believed to have already caused a significant number of infections from a campaign that began on May 12, 2017.

CrowdStrike Falcon’s advanced endpoint protection offers next-gen antivirus that incorporates machine learning augmented with behavioral analysis that looks for indicators of attack (IOAs) — detecting suspicious behavior before an attack occurs. These prevention features will block the WannaCry ransomware and keep it from executing and encrypting the target organization's data.

See How to Stop WannaCry Ransomware With CrowdStrike Falcon Endpoint Protection



Blog: Falcon Intelligence Report: Wanna Ransomware Spreads Rapidly; CrowdStrike Falcon Prevents the Attack

Ransomware is not new

Exponential growth curve has made it a pervasive threat to end users.

This extortion-based category of cybercrime uses encryption to block access to select files on a compromised endpoint. In most cases, the only way to retrieve the encrypted files is to restore from a pre-existing backup, or pay a ransom which can vary from a few hundred up to a few thousand dollars, depending on the victims’ size and ability to pay. Ransomware prevention represents a significant security challenge because ransomware evolves constantly as cyber criminals refine their tools, techniques, and procedures.

Learn more by speaking to one of our experts now:

Request to be Contacted

How Ransomware Protection from CrowdStrike Works

Because attackers can and will shift their techniques, CrowdStrike’s next-generation endpoint protection solution, CrowdStrike Falcon, uses an array of complementary prevention and detection methods:


Detect & Block known Ransomware

Exploit blocking to stop the execution and spread of ransomware via unpatched vulnerabilities

Machine learning for detection of previously unknown “zero-day” ransomware attacks

Indicators of Attacks (IOAs) to identify and block additional unknown ransomware, and protect against new categories of ransomware that do not use files to encrypt victim systems

CrowdStrike Falcon uniquely combines these powerful methods into an integrated approach that protects endpoints more effectively against the menace of ransomware. This protection spans known and unknown ransomware -- and even prevents “file-less” ransomware that is invisible to conventional malware-centric defenses.

See How CrowdStrike Falcon Detects Ransomware & Blocks it

Continuously Improving Ransomware Protection

Close collaboration between CrowdStrike’s detections, Falcon Overwatch and Falcon Intelligence teams provides you with continuous updates, including newly created Indicators of Attack (IOAs) and machine-learning algorithms that reflect and anticipate evolving ransomware techniques. This unique set of capabilities allows Falcon defenses to stay relevant against ransomware, even when attackers change their methods.




Thinking about replacing your AV?
Learn More

See a product demo
View Now

Request a 1:1 demo of Falcon
Request a Demo


Try CrowdStrike Free for 15 Days Get Started with A Free Trial