Researchers from Fox-IT claim remote desktop protocol (RDP) has emerged as a new point of entry into the network for malicious actors. Remote desktop protocol is a departure from its traditional use as a way for attackers to move around the network, as well as a shift from more common propagation techniques. The RDP credentials alone might be worth money in the underground market. If the affected RDP is one piece of a bigger network, ransomware would only be viable for that segment. But if the affected server is on a server, then the attackers could access the entire network.”]
Source: https://securityintelligence.com/news/remote-desktop-servers-can-act-as-ransomware-entry-points/