Cyber attacks spiral, targeting work-from-home remote access
WITH work from home becoming more popular amid the pandemic, cyberattacks against remote access protocols have continued to rise over the past year, a new report says.
After the switch to remote work, brute-force attacks against RDP – perhaps the most popular remote desktop protocol and used to access Windows or servers – skyrocketed, reaching a new high of 409 million worldwide in November 2020, research from cybersecurity firm Kaspersky shows.
In a brute-force attack, attackers test different usernames and passwords until the correct combination is found – gaining access to corporate resources.
When the world went into lockdown in March 2020, the total number of brute-force attacks against RDP jumped from 93.1 million worldwide in February 2020 to 277.4 million in March 2020 – a 197% increase, according to Kaspersky’s telemetry.
The numbers in India went from 1.3 million in February 2020 to 3.3 million in March 2020. From April 2020 onward, monthly attacks never dipped below 300 million, and they reached a new high of 409 million attacks worldwide in November 2020.
In February 2021 – nearly one year from the start of the pandemic – there were 377.5 million brute-force attacks – a far cry from the 93.1 million witnessed at the beginning of 2020.
“Remote work isn’t going anywhere. Even as companies begin considering reopening their workplaces, many have stated that they will continue to include remote work in their operating model or pursue a hybrid format,” said Dmitry Galov, security expert at Kaspersky.
“That means it’s likely these types of attacks against remote desktop protocols will continue – at a rather high rate.
“2020 made it clear that companies need to update their security infrastructure, and a good place to start is stronger protection for their RDP access.”
Enabling access to RDP through a corporate VPN and enabling use of Network Level Authentication (NLA) when connecting remotely are among recommendations experts offered to keep organisations safe from bruteforce attacks.