What should you do when SysCloud detects ransomware in your backup archives?

SysCloud automatically identifies ransomware or malicious files in your backup archive. If we detect ransomware files in your archives, you will see a ransomware card in the backup dashboard indicating the number of ransomware file types detected.

Follow these steps to access the backup dashboard and manage ransomware alerts in your backup archives:

  1. Log in to the SysCloud Application with your account credentials.
  2. Click “Backup”→“Dashboard”
    1. Click on Dashboard
  3. Click on the ransomware card on the dashboard.

    2. Click on ransomware option
  4. In the ransomware tab of the Backup Health Status Report, you will see ransomware types and the number of instances of file types present in the archives.  Click on the data under “No of File Types” for more details.

    Ransomware number of file types
  5. Now you can view the different file types along with the number of users impacted. You can choose to select one or more of the file types and perform either the “Dismiss” or “Delete from backup archives” from the ACTIONS button.

    Ransomware take specific actions
  6. If needed, you can further drill-down to view the affected users and the infected files.

    Ransomware number of users affected
  7. Click on the data in the column “No of Files” to view all the infected files for closer inspection and apply “Dismiss” or “Delete from backup archives” actions.

    Ransomware - files affected of each user