Just a few years ago ransomware attacks typically included only file encryption capabilities. In 2021, cyber criminals will target critical infrastructure operators by adding hacking operation capabilities to multistage ransomware attacks. In this session we will analyze the new TTPs used by cybercrime actors targeting critical infrastructure providers with ransomware-embedded attacks.