Why are RDP attacks so dangerous?

Puts your business at risk

One poorly secured RDP connection can open the gates to an entire corporate system, leaving the whole company and its data exposed. An example of this is the recent story of Garmin, a GPS vendor, which was forced to pay $10M to extortionists because its security specialists failed to solve the problem.

Attacks are getting more sophisticated, yet easier to execute

Criminals run complex penetration schemes and combine several methods at once. Meanwhile, personal data and hacking tools are becoming more available. Just recently, the source code of Dharma, a ransomware SaaS that targets RDP, was released to be sold online. The number of password databases and brute-force dictionaries is increasing, and there are now lists of servers with an open RDP port. At Variti, we have witnessed a surge of sophisticated bots that constantly scan all available access points and try to crack passwords.

Businesses aren’t protected

As COVID-19 spread, companies had to react fast and adapt to home working. Short deadlines and crisis budget cuts took priority over security measures, leaving many setups vulnerable to this day.

To make matters worse, these unprotected businesses are not aware that such an attack is underway, so they do not think to ‘put the fire out’ either. Companies may notice decreased performance and longer-than-usual server responses, but often treat them with memory optimisations and other irrelevant methods.