Background: Cyber attack commonly based on vulnerability and user negligence. Ransomware also use the same concept.
An example of ransomware today: Conti and Ryuk code is similar. Conti uses a similar ransomware note template to Ryuk and that it appeared to be deploying the same TrickBot infrastructure.When the attack campaigns send unsolicited emails that it will using social engineering technique. Whereby, let users reduce the awareness. Therefore user will download malware from malicious websites or trick the user into opening malware through an attachment. Security expert noticed that the Conti ransomware has multiple anti-analysis features to slow detection and reverse engineering. Their method is using VBA code executes a multi-stage high obfuscation PowerShell script in the attempt to evade AV and security solutions. Ransomware is one of the most troublesome item since cyber attacks. Perhaps you can through below guideline to enrich related knowledge.
CISA and MS-ISAC Release the Prevention Best Practices – https://www.cisa.gov/sites/default/files/publications/CISA_MS-ISAC_Ransomware%20Guide_S508C.pdf