News
News Categories

PSA: If you use RDP, you could be leaving a door open to hackers!

By Ken Wong - on 4 Jul 2022, 9:58am

PSA: If you use RDP, you could be leaving a door open to hackers!

Sometimes, the help you get may not be what you really need. Image source: Pexels.

The rise in remote or hybrid work has resulted in a corresponding rise in Remote Desktop Protocol (RDP) attack attempts said security firm Kaspersky.

According to the company, RDP attacks had actually been on the decrease in the years up to 2019, but with the rise of Work from Home with the Covid-19 pandemic, attacks in Singapore grew by 6.85% in 2021 compared to 2020.

 

What is RDP?

Kaspersky figures show the increase in RDP attacks in the region. Image source: Kaspersky

Remote Desktop Protocol is Microsoft’s proprietary protocol that enables a user to connect to another computer through a network of computers running Windows and is used by both system administrators and users to control servers and other PCs remotely.

But this is also what intruders exploit to penetrate a target computer using attacks like brute-force attacks.

A brute force attack uses trial and error in an attempt to guess or crack an account password, user login credentials, and encryption keys. Although simple, it is a fairly reliable tactic for gaining unauthorised access to individual accounts and organisations' systems and networks. 

 

Staying safe from harm

 

Some recommended methods to stay safe from RDP attacks include:

  • Use different strong passwords to access different corporate resources
  • Update all software and apps on employee devices to the latest version
  • Enable access to your network or make RDP available only through a corporate VPN
  • Use Network Level Authentication (NLA)
  • If possible, enable multi-factor authentication
  • If you don’t use RDP, disable it and close port 3389. Disabling this does not hinder one’s usage of Google Workspace or Microsoft 365.
  • Give employees basic security awareness training which can be done online.
  • Ensure your employees are equipped to securely work from home and know who to contact when faced with an IT issue
  • Use a reliable corporate security solution that will be installed on all employee devices, as well as solutions for tracking equipment in case of loss. Choose one with network threat protection that includes log inspection functionality to configure monitoring and alert rules for brute force and failed login attempts
  • Where possible, use encryption on devices used for work purposes
  • Ensure access to the latest threat intelligence to boost your protection solution.
  • Make backup copies of critical data
Join HWZ's Telegram channel here and catch all the latest tech news!
Our articles may contain affiliate links. If you buy through these links, we may earn a small commission.