Here is the informational email from the FBI’s InfraGard system. Contact me if you need more information.
Attention InfraGard member,
You have received a new broadcast message.
CrySiS Ransomware Targets US Businesses through Open RDP Ports
Between June 2016 and July 2017, CrySiS ransomware targeted hundreds of US businesses, to include churches, private businesses, medical facilities, law firms, and local governments vulnerable to Remote Desktop Protocol (RDP) implementations, CrySiS actors demanded cryptocurrency in exchange for a decryption key. The FBI assesses it is likely the cyber criminals used an open RDP port to deploy CrySiS ransomware. Using the RDP port for intrusion presents a challenge because the malware enters through an approved access point. This method decreases the likelihood of detection and ability for businesses to mitigate infection.
Please log in to https://www.infragard.org to view the message.