Global cybersecurity company Kaspersky said the total remote desktop protocols (RDP) attacks detected in Malaysia in the first six months of 2021 grew by 53.6% compared to the same period last year.
Between January to June 2021, the company recorded a total of 10.4 million attacks attempts against Kaspersky users in the country with Microsoft RDP installed on their desktops. This is a significant spike compared to 6.78 million in the first half of 2020.
RDP is an application-level protocol developed by Microsoft. for accessing Windows workstations or servers. A brute force is an attempt by hackers to test all different usernames and passwords until the correct combination is found, and they gain access to company resources.
RDP empowers Malaysians to continue working remotely. However, this working method has a potential for cyber attempts one of which is a brute force attack that targets the protocols employees use to remotely access company resources.
A report by Randstad published last August shown that 69% of Malaysian workforces have indicated their preference to continue working from home, which is the highest in the region, ahead of Singapore, China and Hong Kong.
Having more employees working from home opened up new vulnerabilities that cybercriminals were quick to target. The volume of corporate traffic grew as well as more users moved to using third party services to exchange data and work through potentially insecure Wi-Fi networks.
Chris Connell, managing director for Asia Pacific at Kaspersky said moving an entire workforce from a secure IT enterprise environment to a home network with adequate cybersecurity measures, under normal circumstances, requires long-term planning and preparation.
“The pandemic has robbed us of this opportunity and our latest RDP attack statistics show that cybercriminals are exploiting this loophole,” he added.
Kaspersky researchers also discovered attacks on other remote access protocols, other than RDP, such as virtual network computing (VNC), which is also used for remote access. Companies are advised to closely monitor programs in use and update the latest patches on all corporate devices in a timely manner.
Connell added, “This health crisis has clearly expedited digital transformation and the merging of our professional and personal life. Employees are now actively leading the way in accepting changes in pursuit of greater freedom and flexibility, using technology to own a new future. Companies must now adapt and restructure the modern workplace to make it more productive, sustainable, and most importantly, secure.”
To avoid potential cyber threats in the trend of remote work systems, Kaspersky provides recommendations for companies to:
- Provide training on basic cyber hygiene to their employees. Help them to identify the most common types of attacks that occur in the company, and provide basic knowledge in identifying suspicious emails, websites, text messages.
- Use strong, complex and different passwords to access every company resource.
- Use Multi-Factor Authentication or two-factor authentication especially when accessing financial information or logging into corporate networks.
- Where possible, use encryption on devices used for work purposes.
- Enable access to RDP through a corporate VPN .
- Always prepare for backup copies of critical data.
- Use a reliable enterprise security solution with network threat protection.
For employees who are still working remotely, some of the following simple steps can be done in order to stay safe:
- Avoid clicking on suspicious links that come through email inbox or messaging apps.
- Always check all devices in the house, make sure they have been through updates and are using the latest operating system.
- Install security solutions on all devices, as well as solutions for tracking equipment in case of loss.
- Make sure to download apps from trusted sources only.
- Use good quality and safe internet connection. Avoid using work equipment for personal purposes or vice versa.