Ransomware operators are moving away from mass volume attacks and partnering with specialists who use APT techniques to provide stealthy infiltration and network-wide encryption capabilities. Network breach actors illegally gain access to networks, and over time, slowly take control by installing backdoors, gaining the credentials of administrative accounts, ultimately gaining control over domain controllers. By partnering with ransomware operations, these network breach actors can sell the networks they have access to a lost easier, as well as to potentially gain much greater revenue by becoming an affiliate of a RaaS.
Source: https://www.bleepingcomputer.com/news/security/ransomware-gangs-adopt-apt-tactics-in-targeted-attacks/