Published on April 30th, 2020 📆 | 4115 Views ⚑0
Brute force attacks on RDP devices have ‘rocketed’ with increase in home working: Kaspersky
Infosec pros are being warned to make sure Windows systems are locked tightly down after evidence emerged that generic brute force attacks on computers and servers allowing access through Microsoft’s remote desktop protocol have recently skyrocketed.
In a report released Thursday security vendor Kaspersky Labs said that since the beginning of March — roughly when organizations began insisting people work from home due to the COVID-19 pandemic — hackers’ attempts to force their way into Windows systems through brute force credential attacks have jumped significantly.
“As far as we can tell, following the mass transition to home working, they [attackers] logically concluded that the number of poorly configured RDP servers would increase, hence the rise in the number of attacks,” the report says.
Brute force attacks can be based on combinations of random characters or a dictionary of popular or compromised passwords, it adds.
The numbers released cover seven countries: The U.S., Italy, Germany, Spain, France, Russia and China.
In the U.S. there was a leap around March 10, followed by a huge spike on April 6th. By comparison, the jump that started around March 10th in China has steadily grown.
Kaspersky says administrators who allow RDP to be used should
If you use a different remote-access protocol, admins still cannot relax, says Kaspersky: At the end of last year, its researchers found 37 vulnerabilities in various clients that connected via the VNC protocol, which, like RDP, is used for remote access.
In addition, the report also urges infosec leaders to remind employees of the basics of digital security, including their responsibility to update the software on personal devices that connect to the corporate network. If possible, make them install security solutions on those personal devices.
Cybersecurity Conversations with your Board – A Survival Guide
A SURVIVAL GUIDE BY CLAUDIO SILVESTRI, VICE-PRESIDENT AND CIO, NAV CANADA