The vast majority of these workers have to remotely connect to their employers’ IT systems. Sadly though, their connections to corporate networks have become highly vulnerable attack vectors. For example, attackers recently sent phishing emails to remote workers that connected to their organizations’ networks via VPNs. Windows Remote Desktop Protocol (RDP) is also a target for cyber gangs, according to the ESET report.
RDP password attacks on the rise
Hackers are increasingly breaching RDP password security by launching multiple brute-force attacks. They’re targeting remote workers that use Windows RDP to connect to corporate IT systems. In particular, the criminal gangs take advantage of weak password protection policies, says ESET. ESET adds that most of the IPs it blocked between January and May 2020 were France, China, Russia, Germany, and US-based. On the other hand, many of the IP addresses that the cyber gangs targeted in their brute-force attacks were Hungary, Russia, Germany, and Brazil-based. Once they gangs have obtained an organization’s RDP login credentials, they start elevating their system privileges to admin level. From there, they can have a field day deploying their malicious payloads. Typically, brute-force attacks can pave the way for the deployment of ransomware or potentially unwanted apps, such as cryptominers. If your organization runs any web-facing system, consider requiring strong or complex passwords to minimize the success chances of brute-force attacks. Also, be sure to have ransomware protection in place. Have you ever fallen victim to a brute-force attack? Tell us your experience in the comments section below.
Name *
Email *
Commenting as . Not you?
Save information for future comments
Comment
Δ