Ransomware helps you understand which organisations are being targeted, who the active groups are, and where activity is concentrated.
Start by setting the time range that matches your reporting needs (e.g. last 90 days). If you’re assessing a supplier or peer, open Victims and search their name. The timeline on the victim page shows when activity was first seen and how it evolved.
When you need to understand an adversary, open Groups, pick one, and scan its profile. You’ll see what sectors they focus on, which regions they hit, and how frequently they act. Use related victims to explore recent targets and see whether your sector is in the crosshairs.
If geography matters to you, switch to Countries. Filter to your regions, then scan the top groups and trends. Click through to see the most recent victims behind those numbers. This view is useful for regional risk briefings.