This widget provides an overview of all the attempted ransomware attacks for a specified time range.
The default view displays a summary of all the ransomware detections and further categorizes the attempts based on the infection channel.
-
Click the ransomware detection count on the default view to open the Security Risks - Ransomware logs screen that lists the ransomware detection details.
Click any of the charts on the right side of the widget to display an enlarged view of the chart data.
-
Hover over the node(s) for any particular day to view the total number of detections for the displayed detection category. Click a node to redirect to the Security Risks - Ransomware logs screen, which lists the ransomware detection details for that particular day.
|
Channel |
Description |
Detected By |
|---|---|---|
|
Web |
Files downloaded using a web client (for example, browser or FTP client) |
|
|
Network traffic |
Ransomware detected by the Suspicious Connections feature |
|
|
Cloud synchronization |
Files synchronized to the local sync folder by the following supported cloud storage services:
|
|
|
|
Email attachments opened using Microsoft Outlook Note:
Apex One classifies all attachments opened using other email client applications in the Local or network drive channel. |
|
|
AutoRun files |
Programs located on removable storage drives and executed by an autorun file Note:
Apex One classifies all other files/programs not executed by the autorun program on removable storage devices in the Local or network drive channel. |
|
|
Local or network drive |
Ransomware detected on local or network drives including:
|
|