Ransomware Protection

Detect, respond, and protect against traditional and modern ransomware threats

Trend Micro blocked and detected nearly 41 billion threats across files, emails, and URLs in the first six months of 2021.

Ransomware has changed­­ – are you prepared?

Mitigate ransomware risks with four layers of security

Prevent, detect, and respond to ransomware risks with four layers of protection:

  • Email and web
  • Endpoint
  • Network
  • Workload 


There is no silver bullet when it comes to ransomware, so you need a multi-layered approach, prioritised for the best risk mitigation.

Enterprises can take advantage of Trend Micro Vision One™, which collects and correlates data across endpoints, emails, cloud workloads, and networks, providing better context and enabling investigation in one place.

This approach enables teams to respond to similar threats faster and detect advanced and targeted threats earlier in the attack lifecycle

Email and web security

Phishing emails are the most common way ransomware gets into your organisation, and advanced email security is the most effective layer to stop these attacks. Combine threat intelligence, machine learning, exploit detection, and sandboxing to stop threats before they reach your users.

Endpoint security

When ransomware makes it to your endpoints, layered prevention capabilities stop it in its tracks using rapid behavioural analysis and high-fidelity machine learning.

Network security

Attackers can leverage weak or vulnerable network protocols in ransomware attacks. Network prevention rapidly protects internet-facing assets and contains the spread of internal attacks between endpoints and workloads.

Workload security

It is becoming increasingly common for attackers to identify critical workloads or servers and hit these with ransomware for maximum damage. Protect your workloads, whether physical, virtual, or cloud, with consistent anti-ransomware capabilities.

Ransomware Best Practices Checklist

Audit and inventory

  • Take an inventory of assets and data
  • Identify authorised and unauthorised devices and software
  • Audit event and incident logs
      

Protect and recover

  • Enforce data protection, backup, and recovery measures
  • Implement multifactor authentication
      

Configure and monitor

  • Deliberately manage hardware and software configurations
  • Only grant admin privileges and access when necessary to an employee’s role
  • Monitor the use of network ports, protocols, and services
  • Implement security configurations on network infrastructure devices such as firewalls and routers
  • Have a software allow list to prevent malicious applications from being executed
      

Secure and defend

  • Perform sandbox analysis to examine and block malicious emails
  • Employ the latest version of security solutions to all layers of the system, including email, endpoint, web, and network
  • Spot early signs of an attack such as the presence of suspicious tools in the system
  • Enable advanced detection technologies such as those powered with AI and machine learning
      

Patch and update

  • Perform regular vulnerability assessments
  • Conduct patching or virtual patching for operating systems and applications
  • Update software and applications to their latest versions
      

Train and test

  • Perform security skills assessments and training regularly
  • Conduct red-team exercises and penetration tests

Ransomware Research, News, and Perspectives

TrendLabs Security Intelligence Blog

Tackle Ransomware with Layered Security

Four Countermeasures to Protect Against Ransomware

Fighting Ransomware:

We’ve joined forces with NoMoreRansom.org

Beyond WannaCry:

What New Threats are we Seeing?

WannaCry Ransomware:

Facts and Mitigation

All About Ransomware in 2021