And the list of best practices for ransomware attackers includes keeping a low profile for a an undisclosed timespan before sending demands so that the victim does not know how far back the last clean backup would be. Backups are an important tool when solving the attack, but they are not the solution.