CrowdStrike Falcon™ Host and Ransomware
Cloud-delivered endpoint protection that stops online extortion
Ransomware is not new but its exponential growth curve has made it a pervasive threat to end users. This extortion-based category of cybercrime uses encryption to block access to select files on a compromised endpoint. In most cases, the only way to retrieve the encrypted files is to restore from a pre-existing backup, or pay a ransom which can vary from a few hundred up to a few thousand dollars, depending on the victims’ size and ability to pay. Ransomware prevention represents a significant security challenge because ransomware evolves constantly as cyber criminals refine their tools, techniques, and procedures.
How Ransomware Protection from CrowdStrike Works
Because attackers can and will shift their techniques, CrowdStrike’s next-generation endpoint protection solution, Falcon Host, uses an array of complementary prevention and detection methods:
Detect & Block known Ransomware
Exploit blocking to stop the execution and spread of ransomware via unpatched vulnerabilities
Machine learning for detection of previously unknown “zero-day” ransomware attacks
Indicators of Attacks (IOAs) to identify and block additional unknown ransomware, and protect against new categories of ransomware that do not use files to encrypt victim systems
Falcon Host uniquely combines these powerful methods into an integrated approach that protects endpoints more effectively against the menace of ransomware. This protection spans known and unknown ransomware -- and even prevents “file-less” ransomware that is invisible to conventional malware-centric defenses.
See How Falcon Host Detects Ransomware & Blocks it
Continuously Improving Ransomware Protection
Close collaboration between CrowdStrike’s detections, Falcon Overwatch and Falcon Intelligence teams provides you with continuous updates, including newly created Indicators of Attack (IOAs) and machine-learning algorithms that reflect and anticipate evolving ransomware techniques. This unique set of capabilities allows Falcon Host defenses to stay relevant against ransomware, even when attackers change their methods.