Description

As a blue team member, I want a concise report that indicates whether or not the ransomware payload was successful, so that I can have a clear understanding of the risks that ransomware pose to my network.

Acceptance Criteria

• A new ransomware report tab appears in the Monkey Island reporting page if the ransomware payload was run.
• Statistics showing:
  • The # of machines successfully exploited vs attempted
  • The # for each exploiter
• The ransomware report contains a table showing:
  • Which machines were compromised.
  • Which mechanism/exploit was used to propagate to that machine.
  • The # of files that were successfully encrypted.

Tasks

• Add a new reporting tab (0d) - @shreyamalviya
  • Don't display reporting tab if no encryption/readme enabled
• Process telemetry and generate
  • Statistics (monkey_island/cc/models/edge.py). (0d) - @shreyamalviya
  • Data for table (0d) - @VakarisZ
• Provide an API endpoint that can be queried by the UI to retrieve the report details (0d) - @shreyamalviya
• Display statistics information in a statistics component (0d) - @shreyamalviya
• Display ransomware encryption information in a table component (0d) - @VakarisZ