Thursday, January 21, 19:39
Home security Lockdown: More than 100.000 brute-force attacks on RDP daily

Lockdown: More than 100.000 brute-force attacks on RDP daily

brute-force in RDP

According to telemetry data, the number of daily brute-force attacks aiming at Windows remote desktop service (RDP) almost doubled during it lockdown.

All this time, because COVID-19, many Employees they were forced to move away work. This means that they are not based on the infrastructure monitored by the company. However, they continue to have access in sensitive information in the corporate network.

Thousands of brute-force attacks on a daily basis

Remote work forced many employees to use personal device to connect to the work environment, through remote desktop services. The protocol Windows Remote Desktop is the most common.

Many users, emphasizing convenience, create easy-to-use codes access without applying additional levels security, such as two-factor authentication.

Cybercrime criminals did not miss this opportunity either increased the number of brute-force targeting RDP services. The malicious hackers want to gain access to the company's network, gain administrator privileges and develop malware.

The telemetry data recorded by the cybersecurity company ESET, from December 1, 2019, show one abrupt increase in the daily number of brute-force attacks against RDP services.

From December 2019 to February 2020, the attacks it was between 40.000 and 70.000. The upward trend began in February, when the number reached 80.000.

In April and May, the attacks reached 100.000. By this time, Catholicism had been imposed in most countries lockdown.

Lockdown

According to ESET, most of the brute-force attacks, between January and May 2020, came from IP addresses from USA, The China, The Russia, Germany and France. Most of them Targeted IP addresses were in Russia, Germany, the Brazil and Hungary.

The company he says that the ransomware is the main risk after a violation of RDP. However, the cryptocurrency mining and installation backdoors they are also potential threats.

ESET provides the following scenarios that could follow an RDP breach:

  • Clearing log files to remove previous malicious activity
  • Receiving and executing tools and malware
  • Disable security copies or even delete them
  • Data theft from servers

ESET says one way to avoid brute-force attacks is to deactivate the RDP connection, which can be accessed from Internet.

Of course, this must be combined with other security measures, such as the multi-factor authentication application and use of unique and strong passwords for all accounts that are accessible via RDP. Finally, increased protection is provided by installing one VPN.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Digital Fortress
Digital Fortresshttps://www.secnews.gr
Pursue Your Dreams & Live!

LIVE NEWS

Mac: How to see which model you have and when it was released

When you need support for your Mac - or want to install some kind of upgrade - you usually need to know the exact ...
00:02:35

Bill Gates: Will he work with Biden on COVID-19 / climate change?

Microsoft co-founder Bill Gates said on Twitter that he is looking forward to working with the new US President, Joe Biden, and ...

What are the rumors circulating about the iPhone 13?

Apple iPhone 13 will have a redesigned Face ID system that will have a smaller notch at the top of the screen, ...

Biden: How was the political transition in the US captured on social media?

As Joe Biden was sworn in as President of the United States, this important political transition was captured on popular social media. On January 20, ...

CentOS ceases to be supported but RHEL is offered for free

Last month, Red Hat caused a great deal of concern in the Linux world when it announced the discontinuation of CentOS Linux.

Microsoft Office 365 employee passwords leaked online!

A new large-scale phishing campaign targeting global organizations has been found to bypass Microsoft Office 365 Advanced Threat Protection (ATP) and ...

COSMOTE and Microsoft provide new cloud solutions for businesses

COSMOTE and Microsoft expand their cooperation, offering even more advanced and high quality cloud solutions, in large and small ...

Cyber ​​attacks in Eastern Europe are on the rise!

The cyber-attacks that have taken place in many US government agencies and companies in recent months have caused concern in the developing countries of ...

Tesla reduces the prices of the Model 3 in Europe

Tesla has reduced the prices of the Model 3 in many European markets, which reductions could be partly linked ...

iOS, Android, XBox users in the crosshairs of a new malvertising campaign

Recently a new malvertising campaign was discovered that targets users of mobile and other connected devices and uses effective ...