Remote Desktop Protocol (RDP) became a hot target for cybercrime as businesses shifted to remote work due to the COVID-19 pandemic. A year later, the trend shows no sign of slowing.
RDP, Microsoft's proprietary protocol for enabling people to remotely access Windows servers or workstations, is among the most popular remote access protocols used by organizations today. As such, when businesses shifted to remote work last March, cybercriminals swiftly took notice.
In the spring of 2020, when many organizations shut their office doors, attacks targeting RDP began to skyrocket: Kaspersky reported a spike from 93.1 million global RDP attacks in February to 277.4 million in March – a 197% increase, researchers note. The trend went up and down throughout the year but saw another significant jump as winter lockdowns were announced.
ESET telemetry reflects a similar pattern. The research team reported "quite stable growth" in RDP attacks throughout 2020, with the fastest changes in February and March as the US and Western Europe went into lockdown. While there was some variation in the number of attack attempts toward the end of the year, the number of companies reporting RDP attacks per day remained steady. Between the first and fourth quarters of 2020, RDP attacks grew 768%.
By February 2021, Kaspersky reported 377.5 million brute-force attacks targeting RDP, underscoring a massive spike from the 91.3 million observed at the start of 2020. In some countries these attacks tripled, while in others they grew as much as 10 times, says Kaspersky researcher Maria Namestnikova. RDP has long interested attackers because it allows them to easil ..
Support the originator by clicking the read the rest link below.
