2016 was hailed as the "Year of Ransomware" but the growth of this criminal industry isn't slowing down. As more money is pumped into the ransomware ecosystem, the means by which ransomware is distributed are evolving. This talk covers a number of emerging trends in ransomware, including RaaS, attacks targeting vulnerable databases such as MongoDB and MySQL, and longer recon times during which ransomware distributors tailor the ransom demands to the company they are targeting, and a more detailed case study of ransomware using a non-traditional infection vector (neither spear phishing nor malicious websites). There will also be coverage of a few of the funnier ransomware incidents. In conclusion there will be some practical suggestions for minimizing the risk of losing data to ransomware or being infected in the first place.