Issue: RDP Brute Force attack performed and Ransomware encrypted system or filesTechnique commonly used by Crysis, Dharma, GandCrab ransomware.Resolution: Use strong and long passwords To avoid brute force attack on RDP, avoid using Dictionary word and simple password. Always use long password with combination of Uppercase letters, Lowercase letters, numbers and special characters.Limit number of attempts Go to Start-->Programs-->Administrative Tools-->Local Security PolicyUnder Account Policies-->Account Lockout PoliciesAccount lockout threshold -> Set between 3 to 5Account lockout duration -> Ideally set more than 5 minutesOnly allow user accounts requiring RDP serviceGo to Start-->Programs-->Administrative Tools-->Local Security PolicyUnder Local Policies-->User Rights Assignment-->Allow logon through Remote Desktop ServicesAdd or Remove the User accounts or groups which require RDP serviceClose RDP port Use VPN connection to access remote desktop and close RDP ports (TCP 3389) access via firewall.Use RD gateway servers RD gateway proxy servers can be used for securing the connection with SSL.Read more here : https://social.technet.microsoft.com/wiki/contents/articles/10974.windows-server-2012-rds-deploying-and-configuring-rd-gateway.aspxArticle no: 000005204