Threat actors may delete or remove built-in data and turn off services designed to aid in the recovery of a corrupted system to prevent recovery. This may deny access to available backups and recovery options.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.