Understanding the security risks of Remote Desktop Protocol over the internet
Understanding the security risks of Remote Desktop Protocol over the internet
  • RDP, if not properly configured and secured, can act as a gateway within an organization for cybercriminals to access sensitive internal resources.
  • Attackers can also exploit vulnerable RDP services to perform remote code execution and seize control over targeted gateways.

Today, it is very common for businesses to use RDP as a method to access servers, collaborate with other employees and remotely access documents stored and backed up in their office. Given its wide range of functionality across a business, this network-based service can also be misused by cybercriminals to launch attacks. A recent statistics from Coveware has highlighted that RDP is the most dominant attack vector, being used in 63.5% of disclosed targeted ransomware campaigns in Q1 2019.

To add more woes to it, the year 2019 saw the discovery of the dangerous BlueKeep vulnerability impacting Microsoft’s Remote Desktop Protocol implementation. Despite the security updates being issued by Microsoft, the vulnerability was widely exploited in a cyber-espionage campaign to mine cryptocurrencies.

Threats against RDP services

  • RDP, if not properly configured and secured, can act as a gateway within an organization for cybercriminals to access sensitive internal resources.
  • Attackers can also exploit vulnerable RDP services to perform remote code execution and seize control over targeted gateways.
  • Furthermore, cybercriminals have developed a wide array of tools to continuously look for remote access points on the internet. Because RDP is so widely used, it is a common target for MiTM attacks.
  • Following the release of PoC for BlueKeep, Microsoft has estimated that nearly 1 million devices using earlier versions of Windows are currently open to cyberattacks due to vulnerable RDP services.

Actions to be taken

Enhancing RDP security: Patching is an important way to enhance RDP security. An improperly secured RDP can open doors for malware infection or targeted ransomware attacks, resulting in critical service disruption.

Limiting the access: Use firewalls to restrict access to remote desktop listening ports – default is TCP 3389. Additionally, using an RDP gateway is also highly recommended for restricting RDP access to desktops and servers.

Using strong passwords: Strong passwords on any accounts with access to Remote Desktop should be considered as a necessary step before enabling Remote Desktop.

Enabling restricted admin mode: In a situation where there are multiple administrator accounts on a computer, it is very necessary to limit the remote access to those accounts that need it. This prevents the attacks due to the escalation of privileges.

Enabling Network Level Authentication (NLA): To reduce the amount of initially required server resources, and thereby mitigating against denial of service attacks, Network Level Authentication (NLA) can be used. NLA can also help to protect against MiTM attacks, where credentials are intercepted.

This Post Has 26 Comments

  1. Briantow

    Extremely interesting looking forth to coming back.

  2. JamesPep

    thank a lot for your internet site it assists a whole lot.

  3. Royal CBD

    An outstanding share! I have just forwarded this onto
    a coworker who had been conducting a little research on this.
    And he actually bought me dinner because I discovered it for him…
    lol. So let me reword this…. Thank YOU for the meal!!
    But yeah, thanks for spending the time to talk about
    this subject here on your website.

  4. Nathan

    I will right away clutch your rss feed as I can’t find your email subscription hyperlink or e-newsletter service.

    Do you’ve any? Kindly allow me recognize in order that I could subscribe.
    Thanks.

  5. Robert

    You should take part in a contest for one of the greatest sites
    on the web. I will highly recommend this web site!

  6. Jordan

    Wow, this post is pleasant, my sister is analyzing these
    things, therefore I am going to tell her.

  7. Molly

    Everything is very open with a clear explanation of the issues.

    It was really informative. Your website is extremely helpful.
    Thanks for sharing!

  8. Harrison

    Great post. I’m dealing with a few of these issues as well..

  9. Nataliesmit

    Thanks for sharing your info. I really appreciate your
    efforts and I will be waiting for your further post thanks once again.

  10. Ronald

    Excellent website. Plenty of useful information here.
    I am sending it to a few friends ans also sharing in delicious.

    And certainly, thanks for your effort!

  11. Maria

    Hello mates, how is everything, and what you desire to say concerning this paragraph, in my view its truly remarkable in support
    of me.

  12. Rudy

    When someone writes an article he/she retains the plan of a user in his/her
    mind that how a user can understand it. Therefore that’s why this paragraph is amazing.

    Thanks!

  13. Jacob

    Excellent, what a website it is! This blog presents useful data to us, keep it up.

    1. provisiontech

      Thanks for your feedback.

  14. Samanthas

    Hello to all, how is all, I think every one is getting more from this web site, and your
    views are good designed for new people.

    1. provisiontech

      Thanks for your feedback.

  15. provisiontech

    Thanks for your feedback.

  16. Mariyah

    Fantastic goods from you, man. I’ve understand your stuff previous to and you’re just
    extremely wonderful. I really like what you have acquired here, really
    like what you’re stating and the way in which
    you say it. You make it enjoyable and you still take care of to keep it sensible.
    I can’t wait to read far more from you. This
    is really a tremendous web site.

  17. Brynn

    Do you mind if I quote a few of your articles as long
    as I provide credit and sources back to your website?

    My blog is in the very same niche as yours and my users would really benefit from some of the information you provide here.
    Please let me know if this okay with you. Cheers!

  18. I’m really loving the theme/design of your blog.
    Do you ever run into any internet browser compatibility problems?
    A small number of my blog audience have complained about
    my site not working correctly in Explorer but looks great in Chrome.
    Do you have any solutions to help fix this problem?

  19. I’m no longer certain where you are getting your info, but good topic.
    I must spend some time learning more or working out more.
    Thank you for magnificent information I was looking for this information for my mission.

  20. I was more than happy to uncover this site. I wanted to thank you for your time just for this wonderful read!! I definitely liked every bit of it and i also have you bookmarked to look at new information in your blog.

  21. Noemi

    Great weblog here! Also your web site quite a bit up very fast!
    What web host are you the usage of? Can I get your associate link for your host?
    I desire my web site loaded up as fast as yours lol

  22. Audrey

    Highly descriptive post, I loved that bit.
    Will there be a part 2?

  23. Carl

    I loved as much as you’ll receive carried out right here.
    The sketch is attractive, your authored material stylish.
    nonetheless, you command get bought an impatience over that you wish be delivering the following.
    unwell unquestionably come more formerly again since exactly the
    same nearly very often inside case you shield this
    hike.

  24. Heather

    Sweet blog! I found it while browsing on Yahoo News.
    Do you have any suggestions on how to get listed in Yahoo News?
    I’ve been trying for a while but I never seem to get there!
    Appreciate it

Leave a Reply