Remote ransomware is when adversaries compromise an unmanaged device and then use it to remotely encrypt protected devices on the same network. Most other endpoint solutions fall short in this scenario - meaning a single unmanaged/unprotected device can result in the entire estate being encrypted, even if the computers are running up-to-date protection.
Also known as malicious remote encryption, remote ransomware is when a compromised endpoint is used to encrypt data on protected devices on the same the network. Once adversaries succeed in compromising one machine they are able to leverage the organization’s domain architecture to encrypt data on protected machines on the same network. All the malicious processes run on the already-compromised machine, not the protected endpoints, and the only indication of compromise is the transmission of documents to and from other machines.
