Sophos Resources to Stop Ransomware

Ransomware keeps evolving, getting faster, smarter – and costlier – at every turn.

With a full-scale ransomware attack costing on average an eye-watering US$1,852,872* it’s essential to know what you’re up against – and how to stay protected.

Know Your Enemy

21% of organizations fell victim to ransomware last year. Don’t join the club.

Comand line interface

The cyberthreat that just won’t die

Learn why ransomware is such a deadly threat, and where it is going next.
shield

How ransomware attacks

A detailed technical breakdown of the ten most common ransomware families.

Train Your Organization

Many ransomware attacks start with a malicious email. Attackers know it only takes one individual to let down their guide for them to get into your organization.

Our anti-ransomware educational toolkit for IT managers gives you free resources to train your users on ransomware, including an organizational checklist, security awareness posters, and an educational video for employees.

Download the Toolkit

Deploy World-Class Protection

Today’s ransomware attacks often combine multiple advanced techniques with real-time hacking. To minimize your risk of falling victim you need advanced protection that monitors and secures the whole attack chain.

Sophos Managed Detection and Response

The Sophos Managed Detection and Response (MDR) team proactively hunts, detects and responds to attacks in real-time on your behalf, neutralizing ransomware and other advanced threats before they can compromise your data.

Sophos Intercept X

Sophos Intercept X with XDR gives you advanced protection technologies that disrupt the whole attack chain.

Deep learning predictively prevents attacks while CryptoGuard rolls back the unauthorized encryption of files in seconds.

Sophos Firewall

Sophos Firewall stops ransomware getting on, and moving around your network.

Deep learning detects and blocks ransomware at the gateway, while lateral movement prevention and RDP management stop hackers progressing their attacks.

Intercept X vs. Ryuk ransomware

See how Sophos technologies work together to disrupt multiple stages of a Ryuk ransomware attack:

Sophos vs ryuk ransomware

Apply Best Practices at All Times

Follow these top tips to minimize your risk of attack:

  • Use multi-factor authentication (MFA)
  • Use complex passwords, managed through a password manager
  • Limit access rights; give user accounts and administrators only the access rights they need and nothing more
  • Make regular backups, and keep them offsite and offline where attackers can’t find
  • Patch early and patch often. Ransomware like WannaCry and NotPetya relied on unpatched vulnerabilities to spread around the globe
  • Lock down your RDP. Turn off RDP if you don’t need it, and use rate limiting, 2FA, or a VPN if you do
  • Ensure tamper protection is enabled – Ryuk and other ransomware strains attempt to disable your endpoint protection

* The State of Ransomware 2021, Sophos