Remote Desktop Attacks Tripled Worldwide In 2020 Amid COVID-19 Pandemic - Kaspersky Lab

RMOSCOW (Pakistan Point News / Sputnik - 10th December, 2020) The number of attacks on remote desktop protocols (RDP) has reached 3.3 billion from January to November compared to 969 million recorded during the same period of the previous year as people switched en masse to remote working amid the coronavirus pandemic, Russian IT security company Kaspersky Lab said in a report on Thursday.

During an RDP attack, cybercriminals try to guess the username and password using automated tools, as well as databases of compromised passwords. If successful, they will gain remote access to the victim's computer.

"Since the beginning of March, the number of Bruteforce.Generic.RDP detections has skyrocketed, resulting in the total number detected in the first eleven months of 2020 growing by 3.4 times compared to the number of the same type of attacks in 2019. Overall, 3.3 billion attacks on Remote Desktop Protocols were detected between January and November 2020. In 2019, during the same 11-month period, Kaspersky detected 969 million of these attacks worldwide.," the report said.

According to the company, in February, before the introduction of a strict quarantine, the number of RDP attacks amounted to 93.1 million, and jumped to 277.4 million in March. The peak was in November, with over 409.1 million attacks registered.

Apart from that, cybercriminals actively exploited the popularity of messengers and apps for videoconferencing, under the guise of which they distributed malicious software, the report said.

"According to our telemetry, cybercriminals were actively trying to masquerade their malware as popular messengers and online conference applications that were used by remote workers to replace offline communications. Kaspersky detected 1.66 million unique malicious files spread under the guise of such applications," Kaspersky Lab added.

IT experts do not expect that such attacks on infrastructure related to remote access, as well as on various services for collaboration will end. Instead, they advise companies to use strong passwords and change them regularly, make RDP available only through a corporate VPN, enable two-factor authentication if possible, as well as use a corporate security solution empowered with network threat protection.