Threat actors put various cloud “tools” — resources like account information and application access — for sale on dark web markets that provide access for conducting follow-up attacks. But none of those utilities compare in popularity to Remote Desktop Protocol (RDP) accounts. They represent more than 70% of cloud resources available for sale on underground web marketplaces, according to a recent analysis. As such, RDP accounts are more pervasive on the dark web than regular cloud accounts.
These findings raise the following questions: How did we get here? What’s at stake for those at risk?
2020’s Remote Work Shift Created an Opening
Many companies opted to transition their employees to a work-from-home model during 2020. Their interest in RDP grew in the process. Arctic Wolf observed that IT and security teams’ interest in using RDP to manage employees’ remote laptops increased 62% between March and April of 2020, for instance. RDP gave that personnel a way to troubleshoot and provide device support in spite of having rapidly shifted to a new model of work. In the process, the technology helped countless companies continue to drive their business priorities forward.
The problem is that there are multiple security issues with RDP. In 2020, internet-connected device search engine Shodan noted that the number of devices exposing RDP to the web had ..
Support the originator by clicking the read the rest link below.
