RDP vulnerabilities

RDP Brute-Force Attacks Increase Since the Start of COVID-19

According to recent reports, the number of brute-force attacks targeting RDP endpoints has increased rapidly since the start of the COVID-19 outbreak.

The Rise of RDP Exposure

According to recent reports, the number of brute-force attacks focused on Remote Desktop Protocol (RDP) endpoints has dramatically increased since the start of the COVID-19 pandemic.

As countries implemented quarantines and stay-at-home orders, more companies started deploying RDP systems online. This resulted in a 41.5% increase in “the number of devices exposing RDP to the internet via RDP’s default TCP port 3389.”

More RDP Brute-Force Attacks

Attackers continually rely on brute-force attacks to obtain credentials that have remote desktop access. As more remote workers connected to the corporate network in recent months, the attack surface for cybercriminals became wide open.

“Since the beginning of March, the number of Bruteforce.Generic.RDP attacks has rocketed across almost the entire planet,” said Dmitry Galov at Kaspersky.

RDP endpoints have been heavily targeted by ransomware attackers. Notably, 2019 gave rise to the infamous BlueKeep vulnerability, which allowed attackers to remotely take control of an unpatched connected device.

That’s why it’s critical for businesses to adopt security measures to protect themselves when using RDP, as well as other potential attack vectors.

How Syxsense Combats Brute-Force Attacks

Attackers and RDP vulnerabilities are no match when you have vulnerability scanning with Syxsense on your side.

Syxsense helps you reduce the likelihood of brute-force success by knowing about weak passwords and sub-standard user account policies.

Keep your environment locked down with our Policy Compliance scripts:
  • Brute-force attacks occur when passwords are tried endlessly
  • At-home devices on a network with other non-corporate devices
  • Password set to any of the standard, easily hacked passwords like “Password”
  • Passwords Unchanged: Are accounts used with unchanged passwords? Simple passwords or passwords which have not been changed are a high risk
  • User Login Analytics: Has an account not been logged in to within a reasonable period of time?
  • Users Never Used: Has an account never been used? Accounts which are never used are often planted for later “Zero-Day” attacks
  • Password Never Expires: Has an account been set to never expire?
  • Password Not Required: Blank passwords are the easiest to hack
  • Administrator Account in Use: Has the recommended policy of renaming the Administrator account been actioned?
  • Multiple Login Attempts: Multiple login attempts provide trace evidence of a “brute-force attack”
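
Several of the checks in this list can be run on a single Windows host with built-in cmdlets. The script below is an added example, not Syxsense's Policy Compliance scripts; it uses `Get-LocalUser` and `Get-WinEvent` (failed logons are Security Event ID 4625), and the three thresholds are assumptions to replace with your own policy values.

```powershell
# Added example (not Syxsense code). Run elevated on the Windows host being audited.
# Thresholds are assumptions; set them to match your own policy.
$StaleDays     = 90    # assumed "reasonable period" since last logon
$MaxPwdAgeDays = 180   # assumed maximum age for an unchanged password
$FailThreshold = 10    # assumed failed-logon count per source/account in 24 hours
$now = Get-Date

# Account policy checks from the list, over enabled local accounts.
$accountFindings = foreach ($u in Get-LocalUser | Where-Object Enabled) {
    $issues = @()
    if (-not $u.PasswordRequired) { $issues += 'Password not required' }
    # PasswordExpires is empty when the password never expires
    # (also when no maximum password age is enforced on the host).
    if ($u.PasswordLastSet -and -not $u.PasswordExpires) { $issues += 'Password never expires' }
    if ($u.PasswordLastSet -and ($now - $u.PasswordLastSet).TotalDays -gt $MaxPwdAgeDays) {
        $issues += 'Password unchanged'
    }
    if (-not $u.LastLogon) { $issues += 'Never used' }
    elseif (($now - $u.LastLogon).TotalDays -gt $StaleDays) { $issues += 'No recent logon' }
    # The built-in Administrator keeps RID 500 even after a rename.
    if ($u.SID.Value -like 'S-1-5-21-*-500' -and $u.Name -eq 'Administrator') {
        $issues += 'Built-in Administrator not renamed'
    }
    if ($issues) { [pscustomobject]@{ Account = $u.Name; Issues = $issues -join '; ' } }
}

# Multiple login attempts: failed logons (Event ID 4625) in the last 24 hours,
# grouped by source address and target account.
$events = Get-WinEvent -FilterHashtable @{
    LogName = 'Security'; Id = 4625; StartTime = $now.AddHours(-24)
} -ErrorAction SilentlyContinue

$failedLogons = foreach ($e in $events) {
    $d = @{}
    foreach ($n in ([xml]$e.ToXml()).Event.EventData.Data) { $d[$n.Name] = $n.'#text' }
    [pscustomobject]@{ Source = $d['IpAddress']; Account = $d['TargetUserName'] }
}
$bruteForce = $failedLogons | Group-Object Source, Account |
    Where-Object Count -ge $FailThreshold |
    Select-Object Count, Name | Sort-Object Count -Descending

$accountFindings | Format-Table -AutoSize
$bruteForce | Format-Table -AutoSize
```

Failed-logon events are only recorded when logon failure auditing is enabled on the host, so an empty second table is not proof that no attempts occurred.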

Experience the Power of Syxsense

Syxsense has created innovative and intuitive technology that sees and knows everything. Manage and secure your environment with a simple and powerful solution.

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

RDP: Is the ‘R’ for ‘Ransomware’?

RDP Creates Vulnerabilities

Remote Desktop Protocol is something you’ll find on every Windows computer, and it is widely used throughout the IT industry. But does the ‘R’ in RDP now stand for Ransomware?

As the common methods of distributing ransomware get tougher, attackers are looking for new exploits. The manipulation of RDP is coming to the forefront. Since almost every Windows computer has it, and it’s built to access devices, it may become the ideal way for ransomware to enter an environment.

Some high-profile ransomware already utilizes this method, such as BitPaymer.

So, how do you protect your business from this vulnerability?

Step 1: Disable, and then replace, RDP.

Step 2: Implement a rigorous Patch Strategy.

Disabling RDP will protect your environment, but many IT departments rely on it to do their jobs. However, if you replace RDP with another remote control solution, you can disable RDP and rest easy.

Syxsense provides a secure Remote Control solution. Utilizing 2048-bit encryption, our product communicates securely between the accessing device and the target. You can also enable prompts for the user on the target to allow or deny access.

Patching your devices is also critical for maintaining a secure environment. Using Syxsense, you can implement a patching strategy that keeps your devices up to date. Our Patch Manager shows you, at a glance, which devices need patching. Tasks can be set to happen on an automated schedule to work around business hours. Replace RDP with Syxsense and experience a free trial today.

Start Patching

Start a free, 14-day trial of Syxsense, which helps organizations from 50 to 10,000 endpoints monitor and manage their environment, all from just a web browser. An email will be automatically sent to the address you provide.
