Millions of people have been working from home for a year. In the course of this, the use of remote access tools has increased enormously - and with it a massive increase in brute force attacks against the Remote Desktop Protocol (RDP), one of the most popular remote access tools for workstations and servers.
In such attacks, cyber criminals test different usernames and passwords until they find the right combination and then get remote access to the computer within the network; possible consequences: espionage or theft of information.
Remote desktop attacks remain high
At the beginning of the corona pandemic, attacks on RDP in Germany rose by 220 percent - from February to March 2020. In total, there were almost 2020 million attacks on RDP in Germany since the start of the pandemic in March 2021 to February 247.
“Remote work, that is, working from anywhere, is here to stay,” says Dmitry Galov, security expert at Kaspersky. “Many companies have already announced that they will continue to use a hybrid model after the pandemic, so that employees are free to choose whether to come to the office or work at home. However, this also means that attacks on the Remote Desktop Protocol will likely remain at a high level. The year 2020 has shown that companies need to update their security infrastructure - this also includes remote access. Because with every attempted attack, the probability increases that cyber criminals can actually penetrate the company network and cause damage - be it data theft or espionage. "
Kaspersky Security Recommendations
When connecting to corporate networks from home - regardless of the tools used - employees should take the following protective measures:
- Use different, strong passwords to access company resources.
- Update all software on the devices used to the latest version.
- If possible, use encryption for devices that are used for work.
- Make regular backups of important data.
Employers should also:
- enable access to RDP through a corporate VPN.
- Enable the use of Network Level Authentication (NLA) when connecting remotely.
- Activate multi-factor authentication for access to data and services.
Kaspersky also recommends using a security solution for companies such as Kaspersky Endpoint Security for Business that offers protection against network threats.
More on this at Kaspersky.com
About Kaspersky Kaspersky is an international cybersecurity company founded in 1997. Kaspersky's in-depth threat intelligence and security expertise serve as the basis for innovative security solutions and services to protect companies, critical infrastructures, governments and private users worldwide. The company's comprehensive security portfolio includes leading endpoint protection as well as a range of specialized security solutions and services to defend against complex and evolving cyber threats. Kaspersky technologies protect over 400 million users and 250.000 corporate customers. More information about Kaspersky can be found at www.kaspersky.com/