Organizations relying on remote desktop access for remote-work forces need to ramp up their endpoint defenses, according to one cybersecurity firm.
The Remote Desktop Protocol (RDP) is probably one of the most popular ways for organizations to facilitate quick remote-working arrangements during the pandemic.
This trend exploded in March last year when the World Health Organization declared the pandemic, and with the escalation of Remote Desktop Protocol (RDP) use, brute-force attack skyrocketed. Since then, according to one cybersecurity firm telemetry, the total number of RDP attacks in their client ecosystem has ebbed and flowed, but continued to increase against pre-pandemic levels.
According to Kaspersky, the total number of RDP brute-force attacks had jumped from 93.1m worldwide in February 2020 to 277.4m in 2020 in March—a 197 percent increase. From April 2020 onward, monthly attacks never dipped below 300m, and in Nov 2020, a new high of 409m attacks was reached worldwide. In February 2021, there were 377.5m brute-force attacks.
Said one of the firm’s security experts, Dmitry Galov: “Many companies have stated that they will continue to include remote work in their operating model, or pursue a hybrid format. That means it’s likely these types of attacks against remote desktop protocols will continue to occur at a rather high rate. 2020 made it clear that companies need to update their security infrastructure, and a good place to start is providing stronger protection for their RDP access.”
RDP attacks in SEA
Kaspersky’s telemetry shows a slow but steady increase in the number of RDP attacks in the South-east Asian (SEA) region, hitting the highest in the month of September 2020 with 31,019,009 brute force attacks against its users. Overall, the firm had blocked a total of 214,054,408 RDP exploits in SEA.
Said Chris Connell, Managing Director (Asia Pacific), Kaspersky: “On a daily average, our solutions foiled almost 600,000 RDP brute force attacks here in SEA last year, with a total of 2,864,882 attacks in Singapore in just the first two months of 2021, which is 33.9% of 2020’s total incidents. The sheer number of attacks we’ve identified paints a worrying picture of the increasing vulnerability employees working from home are exposed to. We call on business owners, from the largest enterprises to small and medium businesses, to consider putting up basic endpoint solutions and utilize adaptive trainings to repel these malicious attempts online.”