Skip to content
English
  • There are no suggestions because the search field is empty.

What should you do when SysCloud identifies a potential ransomware threat in your backup archives?

Follow the steps below to address ransomware threats detected by SysCloud:

Step 1: Log in to the SysCloud backup application using your admin credentials.

Step 2: Access the ransomware section on the dashboard

Navigate to the Dashboard and locate the ransomware section, where the detected ransomware-encrypted and ransomware files are displayed.

Step 3: View the ransomware results

Click on the displayed numbers in the ransomware section. You will be redirected to the results page. On the Results Page, you can click Users to navigate to the Archives Page, where detailed file information is displayed.

Step 4: Take appropriate action

On the page, select the affected files or items for which you want to perform the action. Choose from the following actions:

  1. Transfer ownership: Transfer ownership of the files to an admin for further review. Refer to this LINK
  2. Restore ownership: Restore ownership to the original owner if ownership was previously transferred. Refer to this LINK
  3. Delete: Delete the affected files from the SysCloud Archives or directly from the cloud environment. Refer to this LINK
  4. Dismiss: If you determine that the detected files do not pose a threat, dismiss the alert. Refer to this LINK
  5. Restore from safe snapshot: Restore the safe version of the files identified by SysCloud's algorithm or recover files that may have been removed by ransomware or the user. Refer to this LINK

          This action is available only for files detected as encrypted by ransomware.