RDP Brute-Force Attacks on Rising Since Organizations Start Remote Working Worldwide

Due to the work from home possibilities, cybercriminals are constantly targeting normal users, as at this time they are working remotely, that’s why the usage of the RDP and video communication platforms will be high. And to take advantage of this situation, they are launching different types of attacks like phishing, malware, fraud, and disinformation campaigns.

The cyber criminals are simply taking the COVID-19 pandemic as a luring opportunity. As in recent times, the activities of cyber criminals have skyrocketed in the daily life of users. 

We all know that due to the deadly COVID-19 pandemic, many companies are simply opting for the work from home option, and for this reason, users have already started working from home, which seems to be a golden situation for the cybercriminals! Yes, they really don’t want to miss this golden situation.  

As we have already seen in the case of Zoom, how these types of services have grown in recent weeks and suffered different types of attacks. So, if these platforms will become the targets of the attackers, then undoubtedly, the one who will suffer along with the company is the users of the platform.

RDP Brute-Force Attacks

This time we can see a massive increase in brute force attacks on RDP. As hackers are targeting the corporate resources that are used by the employees of the firm to simply carry out their tasks remotely.

Something that has now become very popular due to the COVID-19 pandemic. So, if you want to work remotely, then, of course, you have to use RDP (Remote Desktop Protocol) simply to access the business devices remotely, like the office computers or Windows servers from home.

But, here, the main problem is that many of these RDP servers are used, are exposed to the network. So, being misconfigured can easily expose all the essential data of the company, its employees, and it’s customers as well.

Kaspersky Warns About The Problem

This report has been published by Kaspersky, in which they have warned about the significant growth in brute force attacks on RDP. They assure that this is something that has affected many countries since the beginning of March. Rationally we are facing the date when many employees globally began to work remotely.

As we all know that, this type of attack, what it does, is to test numerous credentials and passwords. They look for typical combinations, keys that have been previously exposed, to access. Therefore, it is very important to always protect our systems with passwords that are unique and strong.

In case, if an attacker is successful with this practice, they could easily collect confidential information of the companies to distribute the malware, phishing attacks, fake & misleading campaigns, etc..

As a result, the attacker could quickly get the full control or access over the infected network and the system. Not only this, even they could also sell the hacked RDP credentials in dark web forums as well.

Apart from all these things, according to the data from BinaryEdge and Shodan, more than 4.5 million computers are exposed to the attacks of this type worldwide.

Measures to Avoid This Type of Cyberattacks

  • Always use strong passwords.
  • Enable the “Two-factor Authentication” security system.
  • Enable Network-Level Authentication (NLA).
  • Always disable RDP, if it’s not in use.
  • Always use the Account Lockout security feature.
  • Always use a VPN.

So, what do you think about this? Simply share all your views and thoughts in the comment section below.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.