Trend of RDP attack attempts against unique clients per day detected by ESET. From just under 30,000 reported attacks per day in December 2019, the volume has been hovering around 100,000 since April 2020. Other actions performed by attackers following an RDP breach include clearing out log files to remove evidence of their activity, installing tools and malware on compromised machines, disabling or deleting scheduled backups, and exfiltrating data from the server.ĮSET has seen a rise this year in reported RDP attacks from among its customers. Often, attackers will try to install coin-mining malware or even create a backdoor, which can be then used if their unauthorized RDP access is ever identified and shut down. However, ransomware and extortion aren’t the only types of attacks that can follow an RDP compromise, according to ESET. The top 6 enterprise VPN solutions to use in 2023ĮY survey: Tech leaders to invest in AI, 5G, cybersecurity, big data, metaverseĮlectronic data retention policy (TechRepublic Premium) Google offers certificate in cybersecurity, no dorm room required
If successful, the attackers can then invade a network, elevate their rights with administrative access, disable security products, and even run ransomware to encrypt critical data and hold it hostage.
Those flaws open the door for brute force attacks in which cybercriminals use automated tools to obtain the account password. Accounts with RDP privileges may have a weak password or no additional layers of security. Though Remote Desktop Protocol can be enough of a security risk on its own, organizations often compound the vulnerabilities by failing to properly secure RDP accounts and services. SEE: How to work from home: IT pro’s guidebook to telecommuting and remote work (TechRepublic Premium) A report published on Monday by ESET discusses how attackers take advantage of RDP and what organizations can do to combat them. Of course, cybercriminals have pounced on this transition, which is why RDP is more exploitable than ever.
But many of those employees still need to remotely access computers in the office, which has triggered an increase in the use of programs that rely on Microsoft’s Remote Desktop Protocol (RDP).
The coronavirus lockdown has prompted a host of organizations to require their staffers to work from home. How to protect your remote desktop environment from brute force attacksĪn RDP compromise provides a cybercriminal with a backdoor for ransomware and other types of malware, says security provider ESET.
0 kommentar(er)
