Everything You Need To Defend Against Ransomware

Your Best Offense
is a Strong Defense

The CrowdStrike Falcon Platform secures the most critical areas of enterprise risk – endpoints and cloud workloads, identity, and data – to keep customers ahead of today’s threats and successfully stop ransomware. A massive data set - 5 trillion events per week - and threat actor intelligence fuel AI-powered machine learning and behavioral indicators of attack (IOAs) to identify and block ransomware. Expert threat hunters layer on the protection to proactively see and stop the stealthiest of attacks.



Harness the power of cloud-scale AI and a massive data set - 5 trillion events per week - to prevent ransomware in real-time



Identify ransomware behaviors with indicators of attack and stop the rapid encryption of files before it takes hold



Strengthen your team and your security posture with CrowdStrike’s seasoned security experts at your side



Understand your adversary to know what to look for and anticipate the next serious threat

The Evolution of Ransomware-As-A-Service

Ransomware has evolved from being a hacker’s side hustle, to enterprise-level targeted big game hunting operations conducted by the most sophisticated cybercriminals in the world.

At CrowdStrike, we know that at the heart of every attack is a human adversary. We understand who they are, how they operate and what they target. We share this information with your defenders so they are ready for the threat and take the proactive steps to stop it.

Updates on the Ransomware Landscape from our 2022 Global Threat Report

Developed based on the firsthand observations of the CrowdStrike Intelligence team and Falcon OverWatch™ elite threat hunters, combined with insights drawn from the vast telemetry of the CrowdStrike Security Cloud, this year’s report provides crucial insights into what security teams need to know — and do — in an increasingly ominous threat landscape. Highlights include:

  • The growth and impact of big game hunting (BGH) in 2021 was a palpable force felt across all sectors and in nearly every region of the world.
  • In the eCrime landscape, ransomware remains big business — CrowdStrike Intelligence observed an 82% increase in ransomware-related data leaks from 2020 to 2021.
  • Financially motivated eCrime activity continues to dominate the interactive intrusion attempts tracked by OverWatch. Intrusions attributed to eCrime accounted for nearly half (49%) of the observed activity, while targeted intrusions accounted for 18%.
  • New tactics, techniques and procedures (TTPs) used in data theft attacks in 2021, such as the development of advanced exfiltration tools, aided adversaries in extorting their victims.

The Falcon Platform is proven to stop ransomware

See how Falcon protects customers from REvil and Pinchy Spider, using AI and machine learning to identify ransomware indicators and unusual behavior to detect, investigate and remediate breaches.

Beat them at their own game

The CrowdStrike OverWatch team hunts relentlessly to see and stop the stealthiest, most sophisticated threats: the 1% of 1% of threats who blend in silently, using “hands on keyboard” activity to deploy widespread ransomware attacks if they remain undetected. We know their game, we know their tactics and we stop them dead in their tracks every time.

  • Criminal adversaries introduced new business models to expand their “big game hunting” ransomware activities.
    Big Game Hunting (BGH) activity remains a prominent feature of the eCrime landscape, and the majority of ransomware operators engaged in BGH are using data extortion alongside data encryption as a means to extract payment from victims.
    Download the Threat Hunting Report
  • The volume and velocity of financially motivated attacks in the last 12 months are staggering.
    Sixty-three percent of incidents investigated by CrowdStrike in 2020 involved financially motivated threat actors and 81% of those incidents were ransomware attacks using “Big Game Hunting” tactics.
    Download the Cyber Front Lines Report
  • Ransomware actors evolved their operations in 2020.
    In 2021, CrowdStrike has observed: 1,161 Big Game Hunting incidents so far with about 44.65 targeted ransomware events per week. $164M in ransom demands with an average cost of $6.3M. In the last 30 days alone, we observed in our malware feed 159 samples tied to big game hunting and ransomware operations.
    Read the Blog

Practice to Make Sure You're Prepared

  • Tabletop Exercise: a tabletop discussion to walk through recent sophisticated ransomware attack scenarios and discuss how your teams would respond.
  • Red Team / Blue Team Exercise: a collaborative exercise designed to mimic ransomware activities in a step-by-step (red team) attack on your environment with advice from our security experts (blue team) so you can understand the gaps in your ability to detect and respond to ransomware.
  • Adversary Emulation Exercise: a covert exercise designed to mimic ransomware activities in an external targeted (black box) ransomware emulation attack on your environment to test your ability to detect and defend the network against ransomware.
  • Compromise Assessment: identify current or past threat activity that is a known precursor to a widespread ransomware attack.
  • IT Hygiene Assessment: discover common vulnerabilities and misconfigurations that lead to the propagation of ransomware.
  • Endpoint Recovery: if you do become the victim of a ransomware attack, endpoint recovery using the real-time response capabilities of the CrowdStrike Falcon platform will get you back to business fast with minimal business disruption.

Recognized by Industry Leaders

CrowdStrike is proud to be a cybersecurity vendor that Gartner, Forrester and IDC have all recognized as a leader
in modern endpoint security


CrowdStrike is proud to be recognized as a Leader and the security vendor placed furthest for Completeness of Vision in the 2021 Magic Quadrant for Endpoint Protection Platforms (EPP)


CrowdStrike Named a Leader: 2021 Forrester Wave for Endpoint Security Software As A Service with the highest possible score in 17 of the 24 criteria in the evaluation.


2021CrowdStrike named a “Leader” in the Forrester Wave with the top ranking in Market Presence category and highest score possible in 17 criteria.

2020 IDC Market Share Leader – Ranked #1

CrowdStrike was ranked #1 for Modern Endpoint Security 2020 revenue market share in IDC’s Worldwide Corporate Endpoint Security Market Shares, 2020 Report