Understanding the security risks of Remote Desktop Protocol over the internet

Share This

  • RDP, if not properly configured and secured, can act as a gateway within an organization for cybercriminals to access sensitive internal resources.
  • Attackers can also exploit vulnerable RDP services to perform remote code execution and seize control over targeted gateways.

Today, it is very common for businesses to use RDP as a method to access servers, collaborate with other employees and remotely access documents stored and backed up in their office. Given its wide range of functionality across a business, this network-based service can also be misused by cybercriminals to launch attacks. A recent statistics from Coveware has highlighted that RDP is the most dominant attack vector, being used in 63.5% of disclosed targeted ransomware campaigns in Q1 2019.

To add more woes to it, the year 2019 saw the discovery of the dangerous BlueKeep vulnerability impacting Microsoft’s Remote Desktop Protocol implementation. Despite the security updates being issued by Microsoft, the vulnerability was widely exploited in a cyber-espionage campaign to mine cryptocurrencies.

Threats against RDP services

  • RDP, if not properly configured and secured, can act as a gateway within an organization for cybercriminals to access sensitive internal resources.
  • Attackers can also exploit vulnerable RDP services to perform remote code execution and seize control over targeted gateways.
  • Furthermore, cybercriminals have developed a wide array of tools to continuously look for remote access points on the internet. Because RDP is so widely used, it is a common target for MiTM attacks.
  • Following the release of PoC for BlueKeep, Microsoft has estimated that nearly 1 million devices using earlier versions of Windows are currently open to cyberattacks due to vulnerable RDP services.

Actions to be taken

Enhancing RDP security: Patching is an important way to enhance RDP security. An improperly secured RDP can open doors for malware infection or targeted ransomware attacks, resulting in critical service disruption.

Limiting the access: Use firewalls to restrict access to remote desktop listening ports – default is TCP 3389. Additionally, using an RDP gateway is also highly recommended for restricting RDP access to desktops and servers.

Using strong passwords: Strong passwords on any accounts with access to Remote Desktop should be considered as a necessary step before enabling Remote Desktop.

Enabling restricted admin mode: In a situation where there are multiple administrator accounts on a computer, it is very necessary to limit the remote access to those accounts that need it. This prevents the attacks due to the escalation of privileges.

Enabling Network Level Authentication (NLA): To reduce the amount of initially required server resources, and thereby mitigating against denial of service attacks, Network Level Authentication (NLA) can be used. NLA can also help to protect against MiTM attacks, where credentials are intercepted.

Share This

64 thoughts on “Understanding the security risks of Remote Desktop Protocol over the internet”

  1. An outstanding share! I have just forwarded this onto
    a coworker who had been conducting a little research on this.
    And he actually bought me dinner because I discovered it for him…
    lol. So let me reword this…. Thank YOU for the meal!!
    But yeah, thanks for spending the time to talk about
    this subject here on your website.

  2. I will right away clutch your rss feed as I can’t find your email subscription hyperlink or e-newsletter service.

    Do you’ve any? Kindly allow me recognize in order that I could subscribe.

  3. When someone writes an article he/she retains the plan of a user in his/her
    mind that how a user can understand it. Therefore that’s why this paragraph is amazing.


  4. Fantastic goods from you, man. I’ve understand your stuff previous to and you’re just
    extremely wonderful. I really like what you have acquired here, really
    like what you’re stating and the way in which
    you say it. You make it enjoyable and you still take care of to keep it sensible.
    I can’t wait to read far more from you. This
    is really a tremendous web site.

  5. Do you mind if I quote a few of your articles as long
    as I provide credit and sources back to your website?

    My blog is in the very same niche as yours and my users would really benefit from some of the information you provide here.
    Please let me know if this okay with you. Cheers!

  6. I’m really loving the theme/design of your blog.
    Do you ever run into any internet browser compatibility problems?
    A small number of my blog audience have complained about
    my site not working correctly in Explorer but looks great in Chrome.
    Do you have any solutions to help fix this problem?

  7. Great weblog here! Also your web site quite a bit up very fast!
    What web host are you the usage of? Can I get your associate link for your host?
    I desire my web site loaded up as fast as yours lol

  8. I loved as much as you’ll receive carried out right here.
    The sketch is attractive, your authored material stylish.
    nonetheless, you command get bought an impatience over that you wish be delivering the following.
    unwell unquestionably come more formerly again since exactly the
    same nearly very often inside case you shield this

  9. Sweet blog! I found it while browsing on Yahoo News.
    Do you have any suggestions on how to get listed in Yahoo News?
    I’ve been trying for a while but I never seem to get there!
    Appreciate it

  10. What i don’t realize is in truth how you’re now not actually much more well-appreciated than you may be right now.
    You’re very intelligent. You understand thus significantly
    in the case of this topic, produced me individually consider it from
    a lot of various angles. Its like women and men aren’t involved until it’s something
    to do with Girl gaga! Your individual stuffs excellent.
    All the time take care of it up!

  11. Does your site have a contact page? I’m having problems locating
    it but, I’d like to shoot you an email. I’ve got some ideas
    for your blog you might be interested in hearing. Either way, great site and I look forward to seeing
    it grow over time.

  12. I’ve been exploring for a bit for any high quality articles or
    weblog posts on this sort of space . Exploring in Yahoo I at last stumbled upon this site.

    Reading this information So i’m glad to exhibit that I have an incredibly excellent uncanny feeling I discovered just what I
    needed. I such a lot for sure will make sure to do not fail to remember this site and give it a glance regularly.

  13. Do you have a spam issue on this blog; I also am a blogger, and
    I was wondering your situation; we have developed some nice procedures and we are looking to exchange techniques with other folks, why not shoot me an e-mail if interested.

  14. Does your blog have a contact page? I’m having trouble
    locating it but, I’d like to send you an email. I’ve got some
    creative ideas for your blog you might be interested in hearing.

    Either way, great website and I look forward to seeing it develop over time.

  15. This design is spectacular! You most certainly know how to keep a
    reader amused. Between your wit and your videos,
    I was almost moved to start my own blog (well, almost…HaHa!) Fantastic job.
    I really loved what you had to say, and more than that, how you presented it.
    Too cool!

  16. I know this if off topic but I’m looking into starting my own blog and was wondering what all is needed to get
    setup? I’m assuming having a blog like yours would cost a pretty penny?

    I’m not very web savvy so I’m not 100% sure. Any suggestions or advice would be greatly appreciated.
    Many thanks

  17. Hi there just wanted to give you a brief heads up and
    let you know a few of the pictures aren’t loading properly.
    I’m not sure why but I think its a linking issue.
    I’ve tried it in two different web browsers and both show the
    same results.

  18. I’m truly enjoying the design and layout of your site.
    It’s a very easy on the eyes which makes it much more enjoyable for me to come here and visit more often. Did you hire out a developer to create your theme?

    Superb work!

  19. Thank you, I have recently been searching for info approximately this topic for a long time
    and yours is the greatest I’ve found out so far. However, what in regards to the conclusion? Are you
    sure concerning the supply?

  20. Essence Of Argan Ireland

    Good site you have got here.. It’s difficult to find quality writing like yours these
    days. I seriously appreciate individuals like you!

    Take care!!

  21. Thanks for one’s marvelous posting! I truly enjoyed reading it, you could be a great author.I will make sure to bookmark
    your blog and may come back someday. I want to encourage you continue your great work, have a nice weekend!

  22. I am not sure where you are getting your info, but good topic.
    I needs to spend some time learning more or understanding more.

    Thanks for magnificent information I was looking for this
    info for my mission.

  23. Greetings I am so grateful I found your web site, I really found you by mistake, while I was researching on Askjeeve for something else,
    Regardless I am here now and would just like to say cheers for a marvelous post and a all round interesting
    blog (I also love the theme/design), I don’t have time to browse it all
    at the moment but I have bookmarked it and also added your RSS feeds,
    so when I have time I will be back to read much more,
    Please do keep up the great work.

  24. http://mkbloonschade.nl/

    Wow! This blog looks just like my old one! It’s on a totally different topic but it has pretty much the same
    layout and design. Excellent choice of colors!

  25. best delta 8 carts

    I absolutely love your blog and find many of your posts to be precisely what I’m looking for. can you offer guest writers to write content to suit your needs? I wouldn’t mind producing a post or elaborating on a few of the subjects you write in relation to here. Again, awesome website!

Leave a Comment

Subscribe for latest updates

Sign up to be in the know