Amid the COVID-19 pandemic, people have accustomed themselves with new normal situations and working from home is one of them. At the same time, the world of cybersecurity has seen some drastic changes. In this situation Remote Desktop Protocol (RDP) attacks have increased at a rapid rate. The year of 2020, experienced a 768% increase in Remote Desktop Protocol attacks.
Remote Desktop Protocol (RDP) has been known since 2016 as a way to attack some computers and networks. Malicious cyber actors, hackers, have developed methods of identifying and exploiting vulnerable RDP sessions via the Internet to steal identities, login credentials and install and launch ransomware attacks. Most ransomware attacks gain access to a network via a backdoor approach that abuses flaws in RDP software or the way it is deployed. Researchers have discovered 25 vulnerabilities in some of the most commonly used RDP clients, including FreeRDP, Rdesktop, and Microsoft’s built-in RDP client with the executable file mstsc.exe.
To prevent these RDP attacks, the topmost priority should be to limit the number of open ports, restricting access, and enhancing the security of the exposed ports. It is extremely important to secure RDP ports and protocols in order to stay safe from ransomware attacks.