"Ransomware Groups to Increase Zero-Day Exploit-Based Access Methods in the Future"
According to security researchers at Trend Micro, ransomware groups are expected to tweak their tactics, techniques, and procedures (TTPs) and shift their business models as organizations strengthen their cybersecurity measures, law enforcement gets better at tracking down threat actors, and governments tighten regulations on cryptocurrencies. The researchers believe that ransomware groups will target zero-day vulnerabilities more frequently to gain initial access to the target's networks. Those include increased use of zero-day vulnerabilities to get initial access to the targets' networks. Another possible evolution in ransomware attacks involves an increasing focus on targeting cloud infrastructure. The researchers stated that they see these groups potentially diverting in two phases: first, criminals will adapt their current business models to work in cloud environments, treating instances as standard data to be encrypted. Second, they will gain maturity in understanding their targets and cloud environments and create more cloud-specific ransomware families designed specifically with unique cloud services in mind, creating new forms of ransomware attacks.