If you are using a Remote Desktop Connection without protection you are leaving your network open to attack. Just today headlines are again ranting of new malicious actors gaining access to computers around the world through open Remote Desktop ports. Though users have been warned many times, we see small offices using RDP all the time as a means to work from home. I understand the temptation, it works well enough in today’s high speed Internet world and it’s free.
Remote Desktop isn’t free when you lose all your data
If your organization is using simple Remote Desktop to access resources back at the office, you are a target for ransomware. Hackers target these open RDP ports then download ransomware to victims. I’ve seen this very hack executed several times. By the time a business calls us, it’s probably too late. Though some ransomware encryption keys are available on the Internet for data decryption, they are becoming fewer and fewer as the bad actors get more determined and use better techniques.
Crysis, just the latest in a long line
Crysis happens to be in the news this morning, but they are far from the only ransomware spread this way. The group using this particular version seem to be targeting healthcare organizations, but that doesn’t mean they won’t find you instead. Even more concerning, according to TrendLabs these attacks have doubled just since January. Hackers use brute force password attacks against the open RDP port. Once they gain entry, improperly configured Remote Desktop settings are used to download ransomware to your machine. Attackers can also use this entrance to attack other machines on the network.
I like a firewall to secure Remote Desktop connections. Along with properly configured Remote Desktop security settings, these two things can go a long way to protecting your data. Now more than ever it’s important you take steps to protect your Remote Desktop connections.