According to a new study, cyberattacks against remote access protocols have continued to grow over the past year as Work From Home has become more commonplace due to the pandemic.
According to research report from cybersecurity firm Kaspersky, after the shift to remote work, brute-force attacks against RDP — which is perhaps the most common Remote Desktop Protocol is used to access Windows or servers — skyrocketed, hitting a new high of 409 million worldwide in November 2020. In a brute-force attack, hackers try various usernames and passwords before they find the right combination, which gives them access to enterprise resources.
Statistics of Cyberattacks
According to Kaspersky’s telemetry, when there was a global lockdown in March 2020, the total number of brute-force attacks against RDP jumped from 93.1 million in February to 277.4 million in March, a 197 percent rise.
The cyberattacks in India grew from 1.3 million in February to 3.3 million in March 2020. Monthly attacks never fell below 300 million from April 2020 onward, reaching a record peak of 409 million attacks in November 2020. According to the report, the highest number of cyberattacks, 4.5 million in India, occurred in July 2020.
There were 377.5 million brute-force attacks in February 2021, almost a year after the pandemic started, a far cry from the 93.1 million seen at the start of 2020. In February 2021, India alone saw 9.04 million cyberattacks.
In India, the total number of cyberattacks between February and December 2020 was around 37 million, while the total number of attacks between January and February 2021 was around 15 million.
Concluding Statements
Dmitry Galov, security expert at Kaspersky, said in a statement “Remote work isn’t going anywhere. Even as companies begin considering re-opening their workplaces, many have stated that they will continue to include remote work in their operating model or pursue a hybrid format,” He added “That means it’s likely these types of attacks against remote desktop protocols will continue to occur at a rather high rate. 2020 made it clear that companies need to update their security infrastructure, and a good place to start is providing stronger protection for their RDP access.”
Experts recommend allowing RDP access via a corporate VPN and enabling the use of Network Level Authentication (NLA) when connecting remotely to keep organisations secure from brute-force attacks.