Over 31.5 lakhs RDP attacks targeting Indian businesses blocked, says


, a cybersecurity vendor said that it has blocked as many as 31.5 lakh (RDP) brute-force attacks in the last three months. RDP is used by businesses to manage and access remote systems and devices.

The company said that businesses often don’t protect their IT resources with robust passwords or adequate security measures and this gives cybercriminals an opportunity to take over vulnerable systems through brute-force and dictionary attacks.

According to researchers at Seqrite, RDP-based brute-force attacks are being used to deploy cryptominers on the infected systems for immediate and continuous returns, as well as to provide a platform for advanced ransomware families such as GandCrab, Dharma/Crysis, and XTBL. The level of threat that these attacks pose also led the FBI and the Department of Homeland Security (DHS) in the US to recently issue a joint public warning on the growing use of the RDP administration tool as a popular attack vector.

“RDP-based brute force attacks were common attack vectors a couple of years ago and were used to propagate the spread of ransomware. Their newfound popularity is an alarming trend which should be paid close attention to. What makes these attacks even more dangerous is the fact that they shut down all layers of security on the infected system, leaving them completely vulnerable to future attacks. By exploiting inherent system vulnerabilities, threat actors are targeting Indian enterprises and compromising not only the security of their networks and devices, but also sensitive business data. There is an urgent and critical need to bolster the security framework at enterprises and deploy robust cybersecurity measures which can defend organisations against such threats,” said Sanjay Katkar, Joint Managing Director and Chief Technology Officer, Quick Heal Technologies.

Seqrite said it recommends that Indian enterprises adopt advanced security measures to protect against these attacks and disable the RDP service when it is not in use. Strong passwords, two-factor authentication, and account lockout policies should be used as an added layer of protection against brute-force attacks. Systems and software must be updated regularly, while the ‘enable logging’ and ‘ensure logging’ mechanisms must be set up to capture RDP logins. The network exposure for all control system devices should be minimised; wherever possible, RDP on critical systems should not be enabled. Comprehensive enterprise security solutions, such as Endpoint Security combined with Firewall Protection, can also be implemented to effectively block .
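As an added example (not from the article or from Seqrite), the Python code below shows how captured RDP logon events can be used to spot brute-force attempts, the same signal an account lockout policy acts on. It assumes simplified records built from Windows Security log events 4625 (failed logon) and 4624 (successful logon); the field names, threshold, time window and sample data are constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

RDP_LOGON_TYPES = {3, 10}  # 10 = RemoteInteractive; 3 = Network (RDP with NLA)

def _ev(ts, event_id, logon_type, ip, user):
    # Hypothetical simplified record; real events carry many more fields.
    return {"time": datetime.fromisoformat(ts), "id": event_id,
            "logon_type": logon_type, "ip": ip, "user": user}

# Constructed sample records; addresses come from documentation ranges.
SAMPLE_EVENTS = (
    [_ev(f"2019-01-10T02:00:{s:02d}", 4625, 10, "203.0.113.7", u)
     for s, u in enumerate(["admin", "administrator", "admin",
                            "test", "backup", "admin"])]
    + [_ev("2019-01-10T02:00:30", 4624, 10, "203.0.113.7", "admin"),
       _ev("2019-01-10T09:15:00", 4625, 10, "198.51.100.20", "priya"),
       _ev("2019-01-10T09:15:40", 4624, 10, "198.51.100.20", "priya")]
)

def detect_rdp_bruteforce(events, threshold=5, window=timedelta(minutes=10)):
    """Return {source_ip: finding} for IPs with at least `threshold` failed
    RDP logons (4625) inside a sliding window, and note whether a successful
    logon (4624) from the same IP followed."""
    recent = defaultdict(deque)   # ip -> (time, user) of recent failures
    findings = {}
    for ev in sorted(events, key=lambda e: e["time"]):
        if ev["logon_type"] not in RDP_LOGON_TYPES:
            continue
        ip = ev["ip"]
        if ev["id"] == 4625:
            q = recent[ip]
            q.append((ev["time"], ev["user"]))
            while ev["time"] - q[0][0] > window:   # drop failures outside window
                q.popleft()
            if len(q) >= threshold:
                f = findings.setdefault(
                    ip, {"failures": 0, "users": set(), "success_after": False})
                f["failures"] = max(f["failures"], len(q))
                f["users"] |= {u for _, u in q}
        elif ev["id"] == 4624 and ip in findings:
            findings[ip]["success_after"] = True   # guessed password likely worked
    return findings

if __name__ == "__main__":
    for ip, finding in detect_rdp_bruteforce(SAMPLE_EVENTS).items():
        print(ip, finding)
```

A finding with `success_after` set is the case to escalate first, since it indicates a password was guessed before any lockout took effect.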
