Cybercrime forums give gangs the ability to purchase remote access credentials for a range of corporate networks. Ransomware-wielding gangs are typically breaking into victims’ networks using one of three techniques: Remote desktop protocol access or some other type of remote access; phishing emails; or malware that’s sometimes used in drive-by attacks against browsers. Security experts say it’s essential for organizations to lock down RDP and ensure they have defenses against these attack vectors in place and tested. Some gangs have also been raising their ransom demands, especially for large businesses.”]
Source: https://www.healthcareinfosecurity.com/top-ransomware-attack-vectors-rdp-drive-by-phishing-a-14353