RDP password attacks increase since COVID-19 onset


Updated on October 4, 2023


Key notes

Recent ESET telemetry data indicates an increase in RDP password attacks from December 1, 2019 to May 1, 2020. Over the same duration, COVID-19-related restrictions have compelled hundreds of millions of employees to work from home.

The vast majority of these workers have to remotely connect to their employers’ IT systems. Sadly though, their connections to corporate networks have become highly vulnerable attack vectors.

For example, attackers recently sent phishing emails to remote workers that connected to their organizations’ networks via VPNs.

Windows Remote Desktop Protocol (RDP) is also a target for cyber gangs, according to the ESET report.

RDP password attacks on the rise


Hackers are increasingly breaching RDP password security by launching multiple brute-force attacks. They’re targeting remote workers that use Windows RDP to connect to corporate IT systems.

In particular, the criminal gangs take advantage of weak password protection policies, says ESET.

That is probably also the reason why RDP has become such a popular attack vector in the past few years, especially among ransomware gangs. These cybercriminals typically brute-force their way into a poorly secured network, elevate their rights to admin level, disable or uninstall security solutions and then run ransomware to encrypt crucial company data.

ESET adds that most of the IPs it blocked between January and May 2020 were based in France, China, Russia, Germany, and the US.

On the other hand, many of the IP addresses that the cyber gangs targeted in their brute-force attacks were based in Hungary, Russia, Germany, and Brazil.

Once the gangs have obtained an organization’s RDP login credentials, they start elevating their system privileges to admin level. From there, they can have a field day deploying their malicious payloads.

Typically, brute-force attacks can pave the way for the deployment of ransomware or potentially unwanted apps, such as cryptominers.

If your organization runs any web-facing system, consider requiring strong or complex passwords to minimize the success chances of brute-force attacks. Also, be sure to have ransomware protection in place.
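On the defensive side, the brute-force pattern described above is visible in the Windows Security log as bursts of failed logons (event ID 4625) from one source, sometimes followed by a successful logon (event ID 4624). The sketch below is an added example, not code from ESET or from this article; the event records are constructed, the dictionary field names are simplified placeholders, and the threshold and window are assumptions to tune for your environment.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records, shaped like fields exported from the Windows
# Security log (4625 = failed logon, 4624 = successful logon).
# LogonType 10 is RemoteInteractive (RDP); with NLA, failures often log as type 3.
def _ev(sec, event_id, ip, user, logon_type=10):
    t = datetime(2020, 5, 1, 3, 0, 0) + timedelta(seconds=sec)
    return {"time": t, "id": event_id, "ip": ip, "user": user, "type": logon_type}

SAMPLE_EVENTS = (
    [_ev(i * 2, 4625, "203.0.113.7", "administrator") for i in range(12)]
    + [_ev(30, 4624, "203.0.113.7", "administrator")]
    + [_ev(i * 5, 4625, "198.51.100.9", u, 3) for i, u in enumerate(
        ["anna", "bob", "carol", "dave", "erin", "frank", "gina", "hank", "ivan", "judy"])]
    + [_ev(100, 4625, "192.0.2.50", "bob"), _ev(400, 4624, "192.0.2.50", "bob")]
)

def detect_rdp_bruteforce(events, threshold=10, window=timedelta(minutes=5)):
    """Return {ip: finding} for sources reaching `threshold` failures within `window`."""
    failures, findings = defaultdict(list), {}
    for e in sorted(events, key=lambda e: e["time"]):
        if e["type"] not in (3, 10):
            continue  # ignore local/service logons
        ip = e["ip"]
        if e["id"] == 4625:
            # Keep only failures still inside the sliding window.
            failures[ip] = [f for f in failures[ip] if e["time"] - f["time"] <= window]
            failures[ip].append(e)
            if len(failures[ip]) >= threshold:
                users = {f["user"] for f in failures[ip]}
                finding = findings.setdefault(ip, {"compromised": None})
                # Many distinct usernames suggests spraying; one suggests targeted guessing.
                finding["pattern"] = "spray" if len(users) >= threshold // 2 else "single-account"
        elif e["id"] == 4624 and ip in findings:
            # A success from an already-flagged source means a password was likely guessed.
            findings[ip]["compromised"] = findings[ip]["compromised"] or e["user"]
    return findings

if __name__ == "__main__":
    for ip, finding in detect_rdp_bruteforce(SAMPLE_EVENTS).items():
        print(ip, finding)
```

A finding with a non-empty `compromised` value is the case to escalate first, since it marks the point where guessing turned into access.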

Have you ever fallen victim to a brute-force attack? Tell us your experience in the comments section below.


Don Sharpe

Tech Journalist

Don has been writing professionally for over 10 years now, but his passion for the written word started back in his elementary school days. His work has been published on Livebitcoinnews.com, Learnbonds.com, eHow, AskMen.com, Forexminute.com, The Writers Network and a host of other companies.
