2021-08-06 20:14:23 +08:00
|
|
|
---
|
|
|
|
|
title: "Ransomware report"
|
|
|
|
|
date: 2021-08-05T13:23:10+03:00
|
|
|
|
|
weight: 4
|
|
|
|
|
draft: false
|
|
|
|
|
description: "Provides information about ransomware simulation on your network"
|
|
|
|
|
---
|
|
|
|
|
|
|
|
|
|
{{% notice info %}}
|
2021-08-11 04:31:16 +08:00
|
|
|
Check out [the Infection Monkey's ransomware simulation documentation]({{< ref
|
|
|
|
|
"/usage/scenarios/ransomware-simulation" >}}) and [the documentation for other
|
|
|
|
|
available reports]({{< ref "/reports" >}}).
|
2021-08-06 20:14:23 +08:00
|
|
|
{{% /notice %}}
|
|
|
|
|
|
|
|
|
|
The Infection Monkey can be configured to [simulate a ransomware
|
2021-08-11 04:31:16 +08:00
|
|
|
attack](/usage/scenarios/ransomware-simulation) on your network. After running,
|
|
|
|
|
it generates a **Ransomware Report** that provides you with insight into how
|
|
|
|
|
ransomware might behave within your environment.
|
2021-08-06 20:14:23 +08:00
|
|
|
|
|
|
|
|
The report is split into three sections:
|
|
|
|
|
|
|
|
|
|
- [Breach](#breach)
|
|
|
|
|
- [Lateral Movement](#lateral-movement)
|
|
|
|
|
- [Attack](#attack)
|
|
|
|
|
|
|
|
|
|
## Breach
|
|
|
|
|
|
|
|
|
|
The breach section shows when and where the ransomware infection began.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2021-08-11 04:31:16 +08:00
|
|
|
## Lateral movement
|
2021-08-06 20:14:23 +08:00
|
|
|
|
|
|
|
|
The lateral movement section provides information about how the simulated
|
|
|
|
|
ransomware was able to propagate through your network.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
## Attack
|
|
|
|
|
|
2021-08-11 04:31:16 +08:00
|
|
|
The attack section shows the details of what the simulated ransomware
|
|
|
|
|
successfully encrypted, including a list of specific files.
|
2021-08-06 20:14:23 +08:00
|
|
|
|
|
|
|
|
|
