Currently, different forms of ransomware are increasingly threatening Internet users. Modern ransomware encrypts important user data and it is only possible to recover it once a ransom has been paid. In this paper we show how Software-Defined Networking (SDN) can be utilized to improve ransomware mitigation. In more detail, we analyze the behavior of popular ransomware - CryptoWall - and, based on this knowledge, we propose two real-time mitigation methods. Then we designed the SDN-based system, implemented using OpenFlow, which facilitates a timely reaction to this threat, and is a crucial factor in the case of crypto ransomware. What is important is that such a design does not significantly affect overall network performance. Experimental results confirm that the proposed approach is feasible and efficient.