This widget provides an overview of all the attempted ransomware attacks for a
specified time range.
The default view displays a summary of all the ransomware detections and further categorizes
the attempts based on the infection channel.
-
Click the ransomware detection count on the default view to open the Security Risks - Ransomware logs screen that lists the ransomware detection details.
Click any of the charts on the right side of the widget to display an enlarged view
of the
chart data.
-
Hover over the node(s) for any particular day to view the total number of detections for the displayed detection category. Click a node to redirect to the Security Risks - Ransomware logs screen, which lists the ransomware detection details for that particular day.
Ransomware Detection Channels
|
Channel
|
Description
|
Detected By
|
||
|
Web
|
Files downloaded using a web client (for example, browser or FTP client)
|
|
||
|
Network traffic
|
Ransomware detected by the Suspicious Connections feature
|
|
||
|
Cloud synchronization
|
Files synchronized to the local sync folder by the following supported cloud storage
services:
|
|
||
|
Email
|
Email attachments opened using Microsoft Outlook
|
|
||
|
AutoRun files
|
Programs located on removable storage drives and executed by an autorun file
|
|
||
|
Local or network drive
|
Ransomware detected on local or network drives including:
|
|
