Microsoft warns of ongoing human-operated ransomware campaigns targeting healthcare organizations and critical services. Many such attacks start with the human operators first exploiting vulnerabilities found in internet-facing network devices or by brute-forcing RDP servers. Microsoft advises potential victims to prevent threat actors from being able to exploit weaknesses they usually abuse to launch their attacks. Older platforms that have reached end of support and are no longer getting security updates, such as Windows Server 2003 and Windows Server 2008, exacerbated by the use of weak passwords.
Source: https://www.bleepingcomputer.com/news/security/microsoft-releases-guidance-on-blocking-ransomware-attacks/