Disable Remote Desktop when not required and when required enable that.
If you must keep Remote Desktop on, ensure you have a very strong password set for it. A long password with a mix of upper and lowercase letters, numbers, and symbols is ideal.
Wherever possible, enable two-factor authentication for your accounts.
Run a scan with your antivirus software to rule out any malware that might be facilitating the attack. Update the system.