How will ransomware evolve in the short term?

Ransomware will continue to evolve and adapt to the current state of IT throughout the industry. As one hold is plugged, another one opens. Quite frankly, ransomware actors control the path more the administrators fighting against them. They are usually one step ahead and control where the attacks will trend and evolve. The industry is getting quicker to adapt and respond to those threats though. We need to continue to utilize AI and ML to get out in front of the bad actors and predict what the new patterns will be.

I agree with others that the threat to keep data encrypted isn't likely to keep malicious actors motivated going forward, as more and more businesses protect appropriately against the data loss. Threatening to release PII and/or proprietary secrets will apply in some situations, but I could see releasing embarrassing or incriminating documents or conversations happening as well.

I expect (and have observed) attacks becoming more targeted at specific users that are likely to have elevated credentials and/or access to financial information. Basically the attackers are trying to increase their ROI, and in many cases they are probably succeeding. 

In most cases, the bad actors to launch ransomware seek short term gains from the victims. Never ever make any payments to bad guys. This short term fix opens up door for hackers to come back and attack more and more networks for financial gains. Ransomware has impacted victims pretty badly in the short terms. Recently our school district systems were attacked by ransomware like threat and recovery took several days before students were able to get back in normal routine.

I believe ransomeware will become more targeted towards individual users as opposed to company resources such as a file server.  The prospect of paying a smaller ransom to quickly unlock files for an executive requires less discussion and coordination than doing so for an entire organization.  This approach is more efficient for the criminal organization and will allow them to execute a greater number of smaller transactions with less risk.