An article from Recorded Future predicts some trends in ransomware for the coming year. One of the predicted trends is that successful ransomware campaigns will continue to rely on open remote desktop protocol (RDP) servers as the initial access point. These campaigns look for networks that have internet-facing servers running the RDP service, with attackers either taking advantage of well-known vulnerabilities in unpatched servers or using brute-force password attacks. Once the attackers have gained access to the exposed system, they use it as a jumping off point into the core of the network. Another trend is that nation-state threat actors will continue to use ransomware campaigns as a way to generate revenue. The twist is that nation-states will use the same ransomware tools criminals are using so that their activities blend in with other campaigns. Read the article at Recorded Future.