From helpnetsecurity.com
Ransomware has lately been the primary method of monetization for threat actors. Still, research has revealed a slight decrease in ransomware attacks and ransomware payments this past year, suggesting cybercriminals are evolving their strategies.
Threat actors have been leveraging more discreet techniques to make a profit by directly targeting an enterprise’s crown jewels—enterprise resource planning (ERP) applications. We’ve already seen threat groups entering business applications and staying undetected for months while quietly siphoning millions of dollars.