APT27 has been predominately known for its work on cyberespionage campaigns on behalf of the Chinese Government. This is not the first time that the group has switched tactics to financially motivated attacks through the use of ransomware. The group used older vulnerabilities in their attacks. Typically, it is common for threat actors to go back to old vulnerabilities when they are attempting to infiltrate companies with the hope that they did not apply security patches and updates. Whenever patches or updates become available, they should be applied immediately. Early detection of intrusions can prevent threat actors from having the opportunity to steal data and encrypt files with ransomware. The teams at Binary Defense stand ready to partner with organizations to provide strong security monitoring and detection capabilities that can stop attacks quickly. Companies should ensure that they have multiple sets of backup documents that get updated regularly to prevent a lapse in services or work in the event of a ransomware attack.

More can be read here: https://www.bleepingcomputer.com/news/security/chinas-apt-hackers-move-to-ransomware-attacks/