The best defensive strategy
to protect yourself from malware and ransomware (crypto malware) infections is a comprehensive approach
. Make sure you are running an updated anti-virus and anti-malware product, update all vulnerable software, use supplemental security tools with anti-exploitation features
capable of stopping (preventing) infection before it can cause any damage, close RDP
if you do not need it, use secure passwords
and routinely backup your data
...then disconnect the external drive when the backup is completed. If you must use RDP, the best way to secure it is to either whitelist IP's on a firewall or not expose it to the Internet. Put RDP behind a firewall, only allow RDP from local traffic, setup a VPN to the firewall and enforce strong password policies, especially on any admin accounts or those with RDP priveledges.
For more suggestions to protect yourself from ransomware infections, see my comments (Post #2) in this topic...Ransomware Avoidance
extension appended to the end of the encrypted data filename is a variant of Globe Ransomware
which typically leave files (ransom notes) named How to restore files.hta, Important Information.hta.
There is an ongoing discussion in this topic where you can post comments, ask questions and seek further assistance. Other victims have been directed there to share information, experiences and suggestions.
Rather than have everyone with individual topics, it would be best (and more manageable for staff) if you posted any more questions, comments or requests for assistance in the above support topic discussion...it includes experiences by experts, a variety of IT consultants, end users and company reps who have been affected by ransomware infections.
The BC Staff