From f79e218160c1aea8e77490a118f64172d205a0da Mon Sep 17 00:00:00 2001 From: Mike Salvatore Date: Mon, 27 Sep 2021 13:41:45 -0400 Subject: [PATCH 1/5] UI: Fix minor formatting issues in LateralMovement.tsx --- .../report-components/ransomware/LateralMovement.tsx | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/ransomware/LateralMovement.tsx b/monkey/monkey_island/cc/ui/src/components/report-components/ransomware/LateralMovement.tsx index a5f76f722..0c360039d 100644 --- a/monkey/monkey_island/cc/ui/src/components/report-components/ransomware/LateralMovement.tsx +++ b/monkey/monkey_island/cc/ui/src/components/report-components/ransomware/LateralMovement.tsx @@ -13,8 +13,8 @@ const LATERAL_MOVEMENT_DESCRIPTION = 'After the initial breach, the attacker wil href="https://www.guardicore.com/blog/stopping-ransomware-with-segmentation/?utm_medium=monkey-request&utm_source=web-report&utm_campaign=monkey-security-report" \ target="_blank" \ > \ - See some real-world examples on Guardicore\'s blog. \ - ' + See some real-world examples on Guardicore\'s blog. \ + '; type PropagationStats = { num_scanned_nodes: number, From ce8fad53cd2208e2c74dafa5dfd85498f8446cc6 Mon Sep 17 00:00:00 2001 From: Mike Salvatore Date: Mon, 27 Sep 2021 13:42:18 -0400 Subject: [PATCH 2/5] UI: Add link to Guardicore blog in ransomware Breach section --- .../ransomware/BreachSection.tsx | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/ransomware/BreachSection.tsx b/monkey/monkey_island/cc/ui/src/components/report-components/ransomware/BreachSection.tsx index 1c2b71d99..afdddf469 100644 --- a/monkey/monkey_island/cc/ui/src/components/report-components/ransomware/BreachSection.tsx +++ b/monkey/monkey_island/cc/ui/src/components/report-components/ransomware/BreachSection.tsx @@ -6,8 +6,19 @@ import {renderLimitedArray} from '../common/RenderArrays'; function BreachSection() { const [machines, setMachines] = useState(null); - let description = 'Ransomware attacks start after machines in the internal network get compromised. ' + - 'The initial compromise was simulated by running Monkey Agents manually.'; + let description = 'Ransomware attacks start after machines in the internal network get \ + compromised. The initial compromise was simulated by running Monkey Agents \ + manually. Detecting ransomware at this stage will minimize the impact to the \ + organization. \ +
\ +
\ + \ + Learn techniques for early ransomware detection on Guardicore\'s blog. \ + '; + useEffect(() => { IslandHttpClient.get('/api/exploitations/manual') From cc531a98ae30789efe376c5f24697ad6252364b9 Mon Sep 17 00:00:00 2001 From: Mike Salvatore Date: Mon, 27 Sep 2021 13:42:52 -0400 Subject: [PATCH 3/5] UI: Add link to Guardicore blog in ransomware Attack section --- .../report-components/ransomware/AttackSection.tsx | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/ransomware/AttackSection.tsx b/monkey/monkey_island/cc/ui/src/components/report-components/ransomware/AttackSection.tsx index 58e1bc1a3..1b9f2e794 100644 --- a/monkey/monkey_island/cc/ui/src/components/report-components/ransomware/AttackSection.tsx +++ b/monkey/monkey_island/cc/ui/src/components/report-components/ransomware/AttackSection.tsx @@ -7,7 +7,16 @@ import LoadingIcon from '../../ui-components/LoadingIcon'; const ATTACK_DESCRIPTION = 'After the attacker or malware has propagated through your network, \ your data is at risk on any machine the attacker can access. It can be \ encrypted and held for ransom, exfiltrated, or manipulated in \ - whatever way the attacker chooses.' + whatever way the attacker chooses. \ +
\ +
\ + \ + Learn about the financial impact of ransomware on Guardicore\'s blog. \ + '; + const HOSTNAME_REGEX = /^(.* - )?(\S+) :.*$/; function AttackSection(): ReactElement { From 7d9386c266328562ce2faf9b13f8f7c909f72ad1 Mon Sep 17 00:00:00 2001 From: Mike Salvatore Date: Mon, 27 Sep 2021 14:10:26 -0400 Subject: [PATCH 4/5] UI: Add ExternalLink React element --- .../report-components/common/ExternalLink.tsx | 19 +++++++++++++++++++ .../styles/pages/report/RansomwareReport.scss | 4 ++++ 2 files changed, 23 insertions(+) create mode 100644 monkey/monkey_island/cc/ui/src/components/report-components/common/ExternalLink.tsx diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/common/ExternalLink.tsx b/monkey/monkey_island/cc/ui/src/components/report-components/common/ExternalLink.tsx new file mode 100644 index 000000000..14a724bb2 --- /dev/null +++ b/monkey/monkey_island/cc/ui/src/components/report-components/common/ExternalLink.tsx @@ -0,0 +1,19 @@ +import React, {ReactFragment, ReactElement} from 'react'; +import {FontAwesomeIcon} from '@fortawesome/react-fontawesome'; +import {faExternalLinkSquareAlt} from '@fortawesome/free-solid-svg-icons'; + +type Props = { + url: string, + text: string, +} + +function ExternalLink(props: Props): ReactElement { + return ( + + {props.text} + + + ) +} + +export default ExternalLink diff --git a/monkey/monkey_island/cc/ui/src/styles/pages/report/RansomwareReport.scss b/monkey/monkey_island/cc/ui/src/styles/pages/report/RansomwareReport.scss index 143e3f835..57eeed88d 100644 --- a/monkey/monkey_island/cc/ui/src/styles/pages/report/RansomwareReport.scss +++ b/monkey/monkey_island/cc/ui/src/styles/pages/report/RansomwareReport.scss @@ -22,3 +22,7 @@ .ransomware-breach-section .ip-address { display: inline-block; } + +.numbered-report-section .external-link-icon { + margin-left: .25em; +} From e67066dd0d22fe481c12832a8f9920367ba7674c Mon Sep 17 00:00:00 2001 From: Mike Salvatore Date: Mon, 27 Sep 2021 14:19:27 -0400 Subject: [PATCH 5/5] UI: Add external link icon to Ransomware report --- .../ransomware/AttackSection.tsx | 25 ++++++++-------- .../ransomware/BreachSection.tsx | 29 ++++++++++--------- .../ransomware/LateralMovement.tsx | 25 ++++++++-------- .../ransomware/NumberedReportSection.tsx | 8 ++--- 4 files changed, 45 insertions(+), 42 deletions(-) diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/ransomware/AttackSection.tsx b/monkey/monkey_island/cc/ui/src/components/report-components/ransomware/AttackSection.tsx index 1b9f2e794..10f39e4b0 100644 --- a/monkey/monkey_island/cc/ui/src/components/report-components/ransomware/AttackSection.tsx +++ b/monkey/monkey_island/cc/ui/src/components/report-components/ransomware/AttackSection.tsx @@ -3,19 +3,20 @@ import IslandHttpClient from '../../IslandHttpClient'; import {FileEncryptionTable, TableRow} from './FileEncryptionTable'; import NumberedReportSection from './NumberedReportSection'; import LoadingIcon from '../../ui-components/LoadingIcon'; +import ExternalLink from '../common/ExternalLink'; -const ATTACK_DESCRIPTION = 'After the attacker or malware has propagated through your network, \ - your data is at risk on any machine the attacker can access. It can be \ - encrypted and held for ransom, exfiltrated, or manipulated in \ - whatever way the attacker chooses. \ -
\ -
\ - \ - Learn about the financial impact of ransomware on Guardicore\'s blog. \ - '; +const ATTACK_DESCRIPTION = <> + After the attacker or malware has propagated through your network, + your data is at risk on any machine the attacker can access. It can be + encrypted and held for ransom, exfiltrated, or manipulated in + whatever way the attacker chooses. +
+
+ + const HOSTNAME_REGEX = /^(.* - )?(\S+) :.*$/; diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/ransomware/BreachSection.tsx b/monkey/monkey_island/cc/ui/src/components/report-components/ransomware/BreachSection.tsx index afdddf469..fb4498e8e 100644 --- a/monkey/monkey_island/cc/ui/src/components/report-components/ransomware/BreachSection.tsx +++ b/monkey/monkey_island/cc/ui/src/components/report-components/ransomware/BreachSection.tsx @@ -3,22 +3,23 @@ import IslandHttpClient from '../../IslandHttpClient'; import NumberedReportSection from './NumberedReportSection'; import LoadingIcon from '../../ui-components/LoadingIcon'; import {renderLimitedArray} from '../common/RenderArrays'; +import ExternalLink from '../common/ExternalLink'; + +const BREACH_DESCRIPTION = <> + Ransomware attacks start after machines in the internal network get + compromised. The initial compromise was simulated by running Monkey Agents + manually. Detecting ransomware at this stage will minimize the impact to the + organization. +
+
+ + function BreachSection() { const [machines, setMachines] = useState(null); - let description = 'Ransomware attacks start after machines in the internal network get \ - compromised. The initial compromise was simulated by running Monkey Agents \ - manually. Detecting ransomware at this stage will minimize the impact to the \ - organization. \ -
\ -
\ - \ - Learn techniques for early ransomware detection on Guardicore\'s blog. \ - '; - useEffect(() => { IslandHttpClient.get('/api/exploitations/manual') @@ -27,7 +28,7 @@ function BreachSection() { if(machines !== null){ let body = getBreachSectionBody(machines); - return () + return () } else { return } diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/ransomware/LateralMovement.tsx b/monkey/monkey_island/cc/ui/src/components/report-components/ransomware/LateralMovement.tsx index 0c360039d..75af68ea5 100644 --- a/monkey/monkey_island/cc/ui/src/components/report-components/ransomware/LateralMovement.tsx +++ b/monkey/monkey_island/cc/ui/src/components/report-components/ransomware/LateralMovement.tsx @@ -2,19 +2,20 @@ import React, {ReactElement} from 'react'; import NumberedReportSection from './NumberedReportSection'; import pluralize from 'pluralize' import BreachedServersComponent from '../security/BreachedServers'; +import ExternalLink from '../common/ExternalLink'; -const LATERAL_MOVEMENT_DESCRIPTION = 'After the initial breach, the attacker will begin the Lateral \ - Movement phase of the attack. They will employ various \ - techniques in order to compromise other systems in your \ - network. \ -
\ -
\ - \ - See some real-world examples on Guardicore\'s blog. \ - '; +const LATERAL_MOVEMENT_DESCRIPTION = <> + After the initial breach, the attacker will begin the Lateral + Movement phase of the attack. They will employ various + techniques in order to compromise other systems in your + network. +
+
+ + type PropagationStats = { num_scanned_nodes: number, diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/ransomware/NumberedReportSection.tsx b/monkey/monkey_island/cc/ui/src/components/report-components/ransomware/NumberedReportSection.tsx index c0876137b..6312fd665 100644 --- a/monkey/monkey_island/cc/ui/src/components/report-components/ransomware/NumberedReportSection.tsx +++ b/monkey/monkey_island/cc/ui/src/components/report-components/ransomware/NumberedReportSection.tsx @@ -5,7 +5,7 @@ import {faInfoCircle} from '@fortawesome/free-solid-svg-icons'; type Props = { index: number, title: string, - description: string, + description: ReactFragment, body: ReactFragment } @@ -14,7 +14,7 @@ function NumberedReportSection(props: Props): ReactElement {
- + {props.body}
@@ -27,11 +27,11 @@ function Header({index, title}: {index: number, title: string}): ReactElement { ) } -function Description({text}: {text: string}): ReactElement { +function Description({description}: {description: ReactFragment}): ReactElement { return (
- + {description}
) }