Millions of remote desktop accounts are being attacked every week

News
By published

Brute-force attacks targeting Microsoft's RDP recently shot up to nearly a million a day

RDP
(Image credit: Microsoft)

Cybercriminals continue to take advantage of the unprecedented number of employees working from home and researchers from Kaspersky have observed a huge spike in attacks targeting users of Microsoft Remote Desktop.

Remote Desktop Protocol (RDP) allows users to easily connect to their work computers at the office while working remotely which has proven quite useful for many during the pandemic. However, if a cybercriminal is able to gain access to RDP on a user's computer, they would have the same permissions and access to data and folders that they do.

According to Kaspersky, organizations around the world have seen increased generic brute-forcing attacks where cybercriminals utilize automated scripts to try countless combinations of passwords and user IDs in an attempt to find working credentials.

The number of brute-force RDP attacks was around 100,000 to 150,000 per day back in January and February of this year. However, at the beginning of March, the number of attacks shot up to almost a million per day.

Brute-force attacks

In a blog post, security research at Kaspersky, Dmitry Galov explained how cybercriminals took advantage of the mass transition to remote working to launch brute-force attacks targeting RDP, saying:

“Attacks of this type are attempts to brute-force a username and password for RDP by systematically trying all possible options until the correct one is found. The search can be based on combinations of random characters or a dictionary of popular or compromised passwords. A successful attack gives the cybercriminal remote access to the target computer in the network. Brute-force attackers are not surgical in their approach, but operate by area. As far as we can tell, following the mass transition to home working, they logically concluded that the number of poorly configured RDP servers would increase, hence the rise in the number of attacks.”

To prevent falling victim to these kinds of attacks, it is recommended that users implement strong passwords and two-factor authentication to protect their accounts. Accessing RDP through a corporate VPN is another security measure that employees working from home can take to secure their remote connections

Via ThreatPost

Anthony Spadafora
Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

Latest in Security
ransomware avast
One of the most powerful ransomware hacks around has been cracked using some serious GPU power
person at a computer
Infamous ransomware hackers reveal new tool to brute-force VPNs
person at a computer
Many workers are overconfident at spotting phishing attacks
A fish hook is lying across a computer keyboard, representing a phishing attack on a computer system
Microsoft 365 accounts are under attack from new malware spoofing popular work apps
Data Breach
Thousands of healthcare records exposed online, including private patient information
China
Juniper patches security flaws which could have let hackers take over your router
Latest in News
Google DeepMind panel discussion
“More sovereignty and protection” - Google goes all-in on UK AI with data residency, upskilling projects, and startup investments
An image of the Nintendo Switch 2
Nintendo Switch 2 could have AI upscaling similar to PS5 Pro’s PSSR according to patent, and it could be a gamechanger for graphics on the upcoming console
PowerColor Red Devil AMD RX 9070 XT graphics card shown side-on
Your next GPU could be from AMD, not Nvidia, if Team Red’s success with PC gamers continues
Quordle on a smartphone held in a hand
Quordle hints and answers for Tuesday, March 18 (game #1149)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Tuesday, March 18 (game #380)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Tuesday, March 18 (game #646)
More about security
person at a computer

Infamous ransomware hackers reveal new tool to brute-force VPNs
ransomware avast

One of the most powerful ransomware hacks around has been cracked using some serious GPU power
Don't miss discounts on EA College Football 25.

I can't believe how cheap EA Sports College Football 25 is at Best Buy right now
See more latest
Most Popular
Apple Watch Ultra 2 settings
I've been using an Apple Watch for 10 years – here are three common mistakes even I've made
person at a computer
Infamous ransomware hackers reveal new tool to brute-force VPNs
Google DeepMind panel discussion
“More sovereignty and protection” - Google goes all-in on UK AI with data residency, upskilling projects, and startup investments
An image of the Nintendo Switch 2
Nintendo Switch 2 could have AI upscaling similar to PS5 Pro’s PSSR according to patent, and it could be a gamechanger for graphics on the upcoming console
Samsung Galaxy S24 hands on handheld back straight white
The Samsung Galaxy S24 is getting one of the S25’s biggest video upgrades with One UI 7 – here’s why Log Video matters
PowerColor Red Devil AMD RX 9070 XT graphics card shown side-on
Your next GPU could be from AMD, not Nvidia, if Team Red’s success with PC gamers continues
AI fashion
I asked ChatGPT 4o, Gemini Live, and Siri what to wear, and only one could really help me look my best
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Tuesday, March 18 (game #646)
Quordle on a smartphone held in a hand
Quordle hints and answers for Tuesday, March 18 (game #1149)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Tuesday, March 18 (game #380)