Remote Desktop Protocol (RDP) was one of those nifty features meant to make computing troubles so much easier to fix. If a software failed to work, a quick call to technical support, followed by a tech temporarily taking over your desktop to find the problem and fix it, was so much more convenient than hoping the tech would be able to talk you through the ordeal. But RDP, the ability for an outside agent to log into a computer or network remotely, has an obvious unintended consequence: it can be a back door for hackers to gain entrance into a system over a network connection.
Is RDP hacking a real threat?
Just this past June, security researchers in Brazil uncovered a GoldBrute botnet poised to infect 1.5 million systems, the attack vector being a “Brute Force”-style attack through RDP connections. We should also mention BlueKeep. This is a software that specifically exploits older versions of MS Windows, attacking the RDP vulnerabilities, and is capable of creating a runaway cyberthreat like 2017’s WannaCry. So yes, RDP vulnerabilities are being actively used by today’s hackers to create pervasive damage. Older servers are especially ill-equipped to defend against these attacks. While patches exist to combat their vulnerabilities, patches only work when they are used. Many Windows systems are patch-poor.
How to Protect your system: Multi-Factor Authentication for RDP.
There are countless resources online for RDP interception, so if your RDP is not protected with multi-factor authentication, it is important to disable it as soon as possible. Microsoft offers information and instructions on how to configure multi-factor authentication.
This may be one of the most essential actions you can take to secure your network. Verifying that any remote access points to your computer are locked down will go far to hardening your defense perimeter, and keeping your system safe.