NEW DELHI: Cyberattacks targeting some of the widely used remote work infrastructure such as remote desktop protocol (RDP) continues to grow in 2021 instead of abating, said security experts.
According to cybersecuirty firm Kaspersky’s latest findings, brute force attacks on RDP grew to 377.5 million globally in February, up from the 93.1 million a year ago. India accounted for 9.04 million of the attacks last month.
Also Read | Six wrong calls on post-covid economy
During January-February, brute force attacks recorded in India totalled 15 million. In comparison, during the whole of 2020, India recorded 37 million attacks, with a record 4.5 million attacks in July last year.
“Remote working was not the most secure option to consider by businesses, when it came to keeping their sensitive and important data safe,” said Chris Connell, Managing Director, Kaspersky (APAC).
Connell warns, increase in the number of brute force attacks in India as well as globally is concerning and an immediate action needs to be taken by businesses.
In brute force attacks, hackers test different usernames and passwords until they find the correct combination which would allow them entry into corporate network and resources.
RDP allows workers to remotely connect to desktop computers at office and access applications on it through another device. Developed by Microsoft, RDP opens a dedicated channel for accessing and transferring data between connected systems.
“Even as companies begin considering re-opening their workplaces, many have stated that they will continue to include remote work in their operating model or pursue a hybrid format. That means it’s likely these types of attacks will continue to occur at a rather high rate,” points out Dmitry Galov, security expert at Kaspersky.
Security experts believe, organisations that use RDP should allow access only through a corporate VPN and should enable Network Level Authentication (NLA) when connecting remotely. Multi-factor authentication should also be enforced to provide an additional layer of security.
“Educating the staff on safe practices and tools for password management and watching accounts in real-time for strange activity can help the enterprises tremendously in fighting against such attacks,” added Connell.