Security vendor Sophos says it has seen a spate of such attacks recently with the victims in most cases being small companies that rely on external parties to manage their Windows networks remotely. The trend highlights the need for organizations to ensure that RDP is turned off on all computers on the network on which it is not needed, to use VPNs for external connections and to implement strong authentication where possible, Sophos said. If possible, require a VPN connection to access the service and avoid direct Internet access.”]
Source: https://www.darkreading.com/attacks-breaches/crooks-turn-to-delivering-ransomware-via-rdp