Posted on October 18, 2021
Early in the COVID pandemic, we wrote about how attacks on RDP surged as huge numbers of employees shifted to working from home.
Back then, we thought it was bad news when attacks on RDP ports in the US topped one million a day. Now, almost a year and a half later, those million attacks are looking like child’s play.
A recently issued cybersecurity report revealed that 55 billion new brute force attacks on RDP ports had been detected between May and August of 2021. That’s over 450 million attacks each and every day – double the pace from the first four months of the year.
During those four months, over 17% of the attacks were on targets in Spain. The report describes Spain’s woes as a “runaway trend,” with attacks against targets in the country accounting for a third of all those detected in August.
Europe is being hit hard in general – targets in Germany, Italy, and Poland each accounted for around 6% of attacks. Those three countries, together with Spain, accounted for over one third of all attacks.
The USA was in third place, behind Spain and Germany, with 6.5% of the attacks. That came to 27 million a day – a 27-fold increase over what we found alarming early in the pandemic.
The reasons for the increase in RDP-related attacks that we mentioned back at the start of the pandemic – more people working from home, and lazy users with easy-to-guess usernames and simple, easy-to-break passwords – remain relevant today. Additionally, it seems hackers are having a hard time finding new targets, so they are hitting familiar targets with greater gusto. The number of daily attacks per unique client doubled between the first trimester of 2021 and the second, from 1,392 attempts per machine per day to 2,756.
The best way to avoid attacks on RDP ports is to avoid using RDP. Ericom Connect enables users to access in-office computers remotely via VPN or with our built-in secure gateway, without relying on RDP. An even better strategy is to migrate to full ZTEdge Zero Trust Network Access (ZTNA), which protects against lateral movement in the event that a hacker gets in.
Both Ericom Connect and ZTEdge ZTNA are relatively quick and easy to implement. But to help you secure your RDP-based setup, these are a few precautions you can take right now:
Retiring RDP solutions, or at a minimum, protecting against brute force attacks on RDP ports, is just one small effort toward staying cyber safe. With the continuing increase in cyberattacks of all kinds, the ideal solution is to start moving to a Zero Trust approach to network security as soon as your organization possibly can.