Infosec pros are being warned to make sure Windows systems are locked tightly down after evidence emerged that generic brute force attacks on computers and servers allowing access through Microsoft’s remote desktop protocol have recently skyrocketed.

In a report released Thursday security vendor Kaspersky Labs said that since the beginning of March — roughly when organizations began insisting people work from home due to the COVID-19 pandemic —  hackers’ attempts to force their way into Windows systems through brute force credential attacks have jumped significantly.

“As far as we can tell, following the mass transition to home working, they [attackers] logically concluded that the number of poorly configured RDP servers would increase, hence the rise in the number of attacks,” the report says.

Brute force attacks can be based on combinations of random characters or a dictionary of popular or compromised passwords, it adds.

The numbers released cover seven countries: The U.S., Italy, Germany, Spain, France, Russia and China.

In the U.S. there was a leap around March 10, followed by a huge spike on April 6th. By comparison, the jump that started around March 10th in China has steadily grown.

RDP brute force attacks in U.S. Chart by Kaspersky

Kaspersky says administrators who allow RDP to be used should

If you use a different remote-access protocol, admins still cannot relax, says Kaspersky:  At the end of last year, its researchers found 37 vulnerabilities in various clients that connected via the VNC protocol, which, like RDP, is used for remote access.

In addition, the report also urges infosec leaders to remind employees of the basics of digital security, including their responsibility to update the software on personal devices that connect to the corporate network. If possible, make them install security solutions on those personal devices.

Would you recommend this article?

0
0
Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication. Click this link to send me a note →

Jim Love, Chief Content Officer, IT World Canada


Related Download
Cybersecurity Conversations with your Board Sponsor: CanadianCIO
Cybersecurity Conversations with your Board – A Survival Guide
A SURVIVAL GUIDE BY CLAUDIO SILVESTRI, VICE-PRESIDENT AND CIO, NAV CANADA
Download Now