RDP can be incredibly dangerous because it gives an attacker access on the level of the compromised user and allows control of a remote system as though the attacker were sitting in front of it.
Combining this level of access with the prevalence of RDP and how easily it can be left exposed makes for a dangerous combination and a popular target for ransomware attacks.
Read “Ransomware Deployment Protocol: A Game of Cloud Attack Surface Whack-a-Mole” to understand more about: