The rise in remote and hybrid work has resulted in a corresponding rise in Remote Desktop Protocol (RDP) attack attempts, security firm Kaspersky said.
According to the company, RDP attacks had actually been decreasing in the years up to 2019, but with the shift to working from home during the Covid-19 pandemic, attacks in Singapore grew by 6.85 per cent in 2021 compared to 2020.
What is RDP?
Remote Desktop Protocol (RDP) is Microsoft’s proprietary protocol that enables a user to connect to another computer through a network of computers running Windows. Both system administrators and users use it to control servers and other PCs remotely.
But this remote access is also what intruders exploit to penetrate a target computer, using techniques such as brute-force attacks.
A brute-force attack uses trial and error in an attempt to guess or crack account passwords, user login credentials, and encryption keys. Although simple, it is a fairly reliable tactic for gaining unauthorised access to individual accounts and organisations' systems and networks.
Staying safe from harm
Some recommended methods to stay safe from RDP attacks include:
- Use different strong passwords to access different corporate resources
- Update all software and apps on employee devices to the latest version
- Allow access to your network, or make RDP available, only through a corporate VPN
- Use Network Level Authentication (NLA)
- If possible, enable multi-factor authentication
- If you don’t use RDP, disable it and close port 3389. Disabling this does not hinder one’s usage of Google Workspace or Microsoft 365.
- Give employees basic security awareness training, which can be done online.
- Ensure your employees are equipped to securely work from home and know who to contact when faced with an IT issue
- Use a reliable corporate security solution installed on all employee devices, as well as solutions for tracking equipment in case of loss. Choose one with network threat protection that includes log inspection functionality, so you can configure monitoring and alert rules for brute-force and failed login attempts.
- Where possible, use encryption on devices used for work purposes
- Ensure access to the latest threat intelligence to boost your protection solution.
- Make backup copies of critical data
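As an illustration of the kind of alert rule for brute-force and failed login attempts mentioned in the list above, here is an added example (not from the article or from Kaspersky). It assumes logon events have been exported to a simplified CSV layout; the sample records, the threshold and the time window are constructed for the example.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

FAILED, SUCCESS = 4625, 4624    # Windows Security event IDs: failed / successful logon
RDP_LOGON_TYPES = {3, 10}       # 10 = RemoteInteractive; with NLA, failures often appear as type 3
THRESHOLD = 5                   # assumed: failures from one source that raise an alert
WINDOW = timedelta(minutes=2)   # assumed: sliding window for counting failures

# Constructed sample records (simplified CSV, not a real event-log export):
# timestamp,event_id,logon_type,source_ip,account
SAMPLE_LOG = """\
2021-11-02T09:00:01,4625,3,203.0.113.7,administrator
2021-11-02T09:00:09,4625,3,203.0.113.7,admin
2021-11-02T09:00:17,4625,3,203.0.113.7,administrator
2021-11-02T09:00:20,4625,10,198.51.100.20,jtan
2021-11-02T09:00:26,4625,3,203.0.113.7,backup
2021-11-02T09:00:30,4625,2,-,jtan
2021-11-02T09:00:34,4625,3,203.0.113.7,administrator
2021-11-02T09:00:41,4625,10,198.51.100.20,jtan
2021-11-02T09:01:02,4624,10,198.51.100.20,jtan
2021-11-02T09:03:15,4624,10,203.0.113.7,administrator
"""

def parse(line):
    ts, event_id, logon_type, ip, account = line.split(",")
    return datetime.fromisoformat(ts), int(event_id), int(logon_type), ip, account

def detect(log_text, threshold=THRESHOLD, window=WINDOW):
    """Return alerts for failure bursts per source IP and for later successes from that IP."""
    recent = defaultdict(deque)   # source IP -> failure timestamps still inside the window
    flagged, alerts = set(), []
    for line in filter(None, map(str.strip, log_text.splitlines())):
        ts, event_id, logon_type, ip, account = parse(line)
        if logon_type not in RDP_LOGON_TYPES:
            continue              # e.g. type 2 (local console) is not a remote attempt
        if event_id == FAILED:
            q = recent[ip]
            q.append(ts)
            while ts - q[0] > window:   # drop failures that fell out of the window
                q.popleft()
            if len(q) >= threshold and ip not in flagged:
                flagged.add(ip)
                alerts.append(("brute_force", ip, account))
        elif event_id == SUCCESS and ip in flagged:
            # a success after a failure burst suggests a password was guessed
            alerts.append(("success_after_brute_force", ip, account))
    return alerts

if __name__ == "__main__":
    print(detect(SAMPLE_LOG))
```

The two mistyped passwords from 198.51.100.20 stay below the threshold and raise nothing, while the burst from 203.0.113.7 and its later successful logon are both reported.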
This article was first published in HardwareZone.