Remote Desktop Protocol or "RDP" attacks have been a primary focal point for hackers during the pandemic due to increased work-from-home scenarios. RDP credentials are being sold for only few dollars on the dark web. Here's what you need to know to avoid allowing hackers access to your data in this type of situation.
What does RDP stand for?
Remote Desktop Protocol is a proprietary protocol developed by Microsoft. It allows users to access a desktop computer remotely by connecting to another computer over a network connection.
Why are Hackers focused on it?
Bad guys are aware that during the pandemic employees are doing a larger percentage of their work via remote access.
This means that many more companies are trusting their sensitive data to pass through RDP. While RDP is convenient and effective, many IT departments neglect to make protecting it a top priority.
What makes RDP vulnerable to attack?
When employees use simple passwords without enforcing multi-factor authentication and additional layers of protection, it becomes easy for hackers to use RDP to gain network access.
Ransomware groups use RDP as a doorway to brute-force attack their way in, elevate their status to admin, disable security software, and encrypt corporate networks.
How can RDP be more secure?
The best way to defend against this vulnerability, while still giving workers the remote access they need, is to use a combination of brute-force attack monitoring--which send out an alert when too many failed login attempts are detected, and dark web monitoring to determine what employee login information is already being sold online.
It's also important to make sure the latest version of RDP is being used to avoid security flaws found in earlier versions.
What RDP alternatives are available?
SMBs that are already using Azure, can use Windows Virtual Desktop. Its simplified management, multi-session Windows 10 capability, built-in security, and optimizations for Microsoft 365 Apps makes it the best solution for a virtual desktop. If you're interested in discussing the switch to the latest Microsoft 365 with Windows Virtual Desktop on Azure, contact us.
For file sharing, OneDrive can also be configured to access files securely from anywhere.
Other options include a VPN using MS Terminal Services Client, but those have their own security concerns. Many flaws were revealed in the most popular VPNs at last year's DEF CON hacking conference.
Where should you go from here?
If your business is using RDP, you need to check with an IT and cybersecurity pro to make sure that it's as secure as it can be.
You also should look into investing in as dark web monitoring solution, like the one we bundled into our popular cloud security add-on for Office 365.
Azure offers some great built-in security options for Windows Virtual Desktop, and is quickly becoming the best choice for companies looking to replace older less-secure Remote Desktop Protocols.
Secure remote work setups are available for any size SMBs if you know where to look. Let us discuss some options with you if you suspect that your current remote desktop is vulnerable to attack.
