The increasing attack incidences via Remote Desktop Protocol (RDP) have prompted the FBI to release an alert informing businesses to establish preventive measures. RDP, which is automatically enabled in all versions of Windows, is a network communication feature that allows software developers and network administrators to remotely support, troubleshoot, or manage other users’ or clients’ devices. Companies who outsource their IT teams or situated in multiple locations make use of RDP to access computers remotely, allowing for faster IT solutions implementation.
[Related: 2017’s notably abused system administration tools and protocols]
Since publishing a short informative piece in 2012 addressing the significance of MS12-020, exploited flaws involving Windows’ RDP have gone from being proofs-of-concept (POCs) to being a common entry point for cyberattacks. However, observations of blocked RDP attempts have shown that even personal devices are susceptible. Trend Micro detected more than 35 million brute force login attempts on home computers and personal devices in 2018, and attempts through RDP account for 85% of this number.
Here are just some of the attacks via RDP abuse in recent years:
Here are some best practices that your organization can practice to prevent attacks via RDP abuse:
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.