The rise of telecommuting has driven the use of remote desktop applications to access corporate resources remotely, leading to a rise in threats in this area.
According to data presented by the Atlas VPN research team, RDP attacks rocketed by 241% in 2020. In 2019, RDP attacks stood at 969 million, but in the year 2020, threat actors carried out a staggering 3.3 billion attacks.
Cybercriminals are trying to seize this opportunity to hack into the company’s systems. Since the work-from-home shift happened almost overnight, it exposed many improperly configured and, in turn, unsafe RDP servers.
Most of the RDP cyber attacks are brute-force attacks. Cybercriminals attempt to find the correct credential combination that will allow the attacker to access the company’s target computer.
Worth noting that they are not using random username and password combinations. Hackers have millions of username and password combinations that were leaked from other businesses.
As a matter of fact, Atlas VPN recently reported that there were 37 billion data records leaked in 2020, a growth of 140% year-over-year. Meaning, there is no shortage of credentials that hackers can try.
Once the correct combination is found, the threat actor can move laterally within the organization’s infrastructure until they find what they are looking for, be it financial information, contact information, user or any other sensitive information.