The COVID-19 pandemic has completely changed how people live and work with millions of people working from home due to pandemic-driven lockdowns. Attackers have leveraged the situation and launched a wave of attacks targeting RDP. The pandemic period has experienced a new trend in RDP attacks when almost all the attacks were connected via home networks.
Remote Desktop Protocol (RDP) has been known since 2016 as a way to attack some computers and networks. Malicious cyber actors, hackers, have developed methods of identifying and exploiting vulnerable RDP sessions via the Internet to steal identities, login credentials and install and launch ransomeware attacks.
Latest reports suggest that there has been a steady growth in RDP attacks throughout 2020. The number of firms facing RDP attacks per day remained constant throughout the year, although there was some variation in the number of attacks attempted at Q4 2020. However, an overall growth of 768% was observed between Q1 and Q4 2020. Most of the attacks observed by researchers against RDP are brute-force attacks. Several attackers exploited vulnerabilities to target RDP, while Microsoft regularly kept patching several RDP related flaws in 2020.
It is expected that this trend of growing RDP attacks will continue in 2021 as a large number of people are still working from home. Moreover, one of the biggest challenges in such attacks is the continued use of weak passwords and the reuse of the same passwords for other services. Therefore, password hygiene should be maintained to stay secure.