In their recently released Q4 2020 report, ESET reports seeing a 768% growth in the amount of Remote Desktop Protocol (RDP) attacks. As more employees than ever worked remotely, resources needed to be made available for them to continue to do their jobs. Unfortunately, in the rush to make these resources available for employees, security best practices were not always followed. Exposing RDP directly to the Internet lets attackers easily discover and profile systems, retrieve usernames, observe when users are logged in, and attempt to guess many passwords over a long period of time. Researchers at ESET saw an increase in brute force attempts, phishing emails created to steal credentials and even a few severe exploits against publicly-exposed RDP systems. ESET explicitly names ransomware as one of the top reasons to pay attention to RDP security. Often deployed as a last stage in other malware infections, ransomware authors in 2020 took full advantage of poorly configured RDP systems to steal and encrypt data. It isn’t all bad news though, as ESET expects RDP-related attacks to decrease in 2021 as more businesses learn how properly secure their environments in a largely remote work environment.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in