There are so many cases now with data collection for ransom where no malware is deployed, so we need a consistent way to capture the fact that a ransom was requested. Putting it into attribute.Confidentiality is likely the beat option.
From there. we release Ransomware from its "overloaded" state to also encapsulate the ransom and allows us to be more strict. What do we want to do with Ransomware?
There are so many cases now with data collection for ransom where no malware is deployed, so we need a consistent way to capture the fact that a ransom was requested. Putting it into attribute.Confidentiality is likely the beat option.
From there. we release Ransomware from its "overloaded" state to also encapsulate the ransom and allows us to be more strict. What do we want to do with Ransomware?