Cyber-Criminals Exploiting Remote Working
McAfee has recorded a growth increase in the number of attacks on Remote Desktop Protocol (RDP) ports exposed to the internet. The study has highlighted yet another way in which cyber-criminals are exploiting the huge increase in people working from home as a result of COVID-19.
RDP ports are a vital means for many businesses to enable their employees to work from home, as they allow communication with a remote system. RDP ports are often exposed to the internet, which provides opportunities for attackers. With the sudden requirement to have large proportions of their staff working from home, McAfee believes it is likely that many organizations brought these systems online quickly with minimal security checks in place.
In total, the report showed that the number of RDP ports exposed to the internet grew from three million to 4.5 million in the period from January to March 2020. This led to a growth in attacks against RDP ports as well as an increase in the volume of RDP credentials sold on underground markets.
The country which had the most stolen credentials in this period was was China, followed by Brazil and Hong Kong. McAfee also looked into the methods attackers are using to breach RDP systems. Primarily access was gained due to weak passwords such as NULL123, P@ssw0rd and 123456. The security software company was also alarmed to find many vulnerable RDP systems did not even have a password. In addition, breaches were caused by vulnerabilities and lack of patching.
McAfee commented: “RDP remains one of the most used vectors to breach into organizations. For attackers, this is a simple solution to quickly perform malicious activities such as malware, spam spreading or other types of crime.
“There is currently a whole business around RDP on the underground market and the current situation has amplified this behavior. To stay protected, it is essential to follow best security practices, starting with the basics, such as using strong passwords and patching vulnerabilities.”
A number of studies have been released today, on World Password Day, revealing the extent to which remote employees have poor password practices, which is leaving businesses more exposed to attacks.
Want to get the best solution for your business?
At Tristar Tech Solutions, we take a realistic approach to technology – ensuring our client’s systems are best protected.
If you have any concerns, questions or simply want to explore how to better secure your business, please do get in touch with the team for a FREE demonstration, consultation to explore how exposed your business might be and identify actions to take.
To book a consultation or to arrange a further discussion, please get in touch.
News Source: https://www.infosecurity-magazine.com/