As the pandemic forced homebound workforces into a virtual environment, professionals turned to remote application-level protocols to access Windows workstations and servers. The result — Remote Desktop Protocol (RDP) attacks have surged exponentially and RDP endpoints have become a common target. JP Jones, CTO of Top10VPN says as more businesses consider the long-term viability of remote work, organizations should pay more attention to common threats that can be mitigated by reinforcing cybersecurity best practices. Â
Adjusting to life during the pandemic has involved finding new ways of carrying out our daily activities online. But this wholesale shift to virtual life has inevitably increased the opportunity for cybercriminals, both in size and scope.Â
The United Nations has reportedOpens a new window a significant jump in cybercrime during the pandemic, with a 350% increase in phishing websites since the start of the year. In March, RDP brute-force attacks increased by 400%Opens a new window , while email scams relating to the coronavirus surged by 667%.Â
While the cybersecurity risks of working from home are numerous, the reality is that most internet users will only have limited knowledge of them, if any at all. This needs to change if people are to take steps to protect themselves and their company network.Â
The average internet user doesn’t need to become a cybersecurity expert, but having a basic knowledge of the cybersecurity threats they face at home needs to be normalized. For instance, if knowledge of Remote Desktop Protocol (RDP) attacks were more common, businesses would be more likely to ensure they are adequately protected against them.
Brute-Force RDP Attacks Are on a Rise
RDP attacks at large are typically brute-force attacks. An attacker will scan for an RDP server on the internet (by default TCP Port 3389) and, once they have found an open port, will try to brute-force the access credentials. Suppose an attack is successful on a machine that is connected to a corporate network. In that case, this is a great first step for hackers to penetrate deeper into the network and access confidential information or even launch further attacks on other networks.
If a business uses RDP, they can protect it by ensuring RDP ports are accessible only internally via the company network. This would hide it from attackers scanning the public internet for open ports and would prevent it from being brute-forced. Employees working remotely would then be able to access their company’s RDP by connecting to the office network via a VPN. Two-factor authentication and a strong password should also be used to authenticate the user.Â
However, if an employee tries to connect to the office RDP with a personal device while working from home, they could be putting the entire company network at risk. For instance, if their device has keylogging malware installed, everything typed (such as the RDP gateway IP address, access credentials, email passwords and email contents) would be visible to a bad actor.Â
By understanding RDP basics, users would know how important it is to connect to their business’ RDP securely.Â
Learn More: Why Leading Cybersecurity Analysts Are Leaving Their Firms for ‘Vendor Land’
Poor Cybersecurity Habits Can Put Data at Risk
As well as having a basic knowledge of RDP attacks, internet users should understand other threats that could put their data and company network at risk, such as weak password security or activities of other household members.
Weak security on personal devices or the network router makes a household easy prey for hackers. Hackers can exploit routers that aren’t regularly updated with the latest firmware and have default credentials set to access the network. Meanwhile, a weak Wi-Fi password could grant someone outside the home, such as a wardriver, access to the network and the devices connected to it via a brute-force attack.Â
An untrustworthy housemate could also take advantage of an unsecured device left around the home to look at sensitive data or install malware. Even housemates you do trust can put your network at risk if their cybersecurity practices are poor. Downloading pirated software or visiting a malware-laden website can put all devices on the network at risk while sharing USB sticks can also pass malware from one device to another.
On top of all of that, just being at home can lull people into a false sense of security, making them more likely to click on suspicious links and fall prey to phishing scams.Â
Learn More: Home Offices Are Easy to Hack: 3 Keys for Security Pros
Employees Need to Recognize the Risks of Remote Work
By learning about these threats, users would understand the importance of taking simple steps to protect their network. Using strong passwords, activating two-factor authentication when possible, storing personal devices securely, and using a VPN should become common practice. Learning about RDP attacks and how to spot phishing attacks are other invaluable skills.Â
Businesses also have a responsibility to carry out adequate cybersecurity training with their employees. This would ensure staff stays alert and up-to-date on relevant cybersecurity practices.
Now more than ever, people need to understand the threats to their home networks and how to mitigate them. With remote life set to continue, cybersecurity practices must go mainstream.
Let us know if you liked this article on LinkedInOpens a new window , TwitterOpens a new window , or FacebookOpens a new window . We would love to hear from you!