Once ransomware is detected, it is critical to take immediate action to resolve any potential issues. You need to immediately contact your internal Security team and IBM Storage Sentinel Support to investigate the extent of the potential threat and fix it if necessary.

In some cases, you may need to recover your server's operating system and application installation before IBM® Storage Sentinel anomaly scan software can recover the last known good application data. It's a good practice to have cold/offline servers standby that can be used as backups in an emergency.

If you have any questions about the detection status, contact IBM Storage Sentinel Support. IBM may assist with questions about the solution, troubleshoot recovery needs, and may refer you to IBM Services for more extensive threat mitigation assistance.