RDP Brute-Force attacks
Remote Desktop Protocol (RDP) is one of the most popular protocols developed by Microsoft products, which allows users to connect to workstations or remote servers.
"The attackers who carry out Brute-force attacks are not accurate in their approach, but they operate in each area. As far as we can tell, after the mass transition to homework, they have logically concluded that the number of poorly configured RDP servers will increase, hence the increase in the number of such attacks, "Kaspersky said in a statement. blog post.
To perform RDP brute-force attacks, hackers use various tools to detect IP addresses and ports used by RDP servers.
Once they detect the servers, the intruders use various combinations of username and password to gain access to them.
How can you reduce the chances of such attacks:
- Set strong RDP passwords
- Apply network level authentication
- Apply two-factor authentication
- Disable RDP if not in use
- Implement account locking policy