Dan Swinhoe reports:
Although ransomware attacks are on the decline — Darktrace suggests infections have decreased by as much as 28 percent between 2017 and 2018 — the threat these extortion attacks pose is still very real and for reasons beyond disruption to operations. More sophisticated attackers are using ransomware to cover their tracks in a more serious attack.
This gives ransomware victims another worry in addition to business disruption recovery costs: Was the attack really just to extort money or is it a cover for something more sinister? Answering that question requires ransomware victims to take due diligence steps after the attack.
Read more on CSO.