Remote Desktop (opens in new tab) Protocol (RDP), a Microsoft client that allows employees to access corporate resources remotely, has become a major target for cybercriminals looking to steal sensitive data or infect a network with ransomware.
Atlas VPN's latest report states that the rise of remote working led cybercriminals to pay more attention to RDP and many were able to exploit improperly configured servers.
The number of attacks against RDP rose from 969 million in 2019, to more than 3.3 billion in 2020 - a 241 percent rise.
Most were brute-force attacks, meaning cybercriminals used scripts to automatte login attempts until they came across the correct login credentials (opens in new tab).
According to Atlas VPN, criminals always start with credentials already available on the dark web, as employees often recycle old passwords or use the same combination across a wide variety of services.
Successfully entering the network allows the attacker to move laterally within the target infrastructure, mapping it out and hunting down all manner of private data. This information is either sold on the dark web or used as leverage as part of a ransomware attack.
- Check out our list of the best business antivirus (opens in new tab) solutions