There has been a significant rise in cyberattacks on remote desktop protocols (RDP) this year as employees were mandated to work from home, according to a recent report by cybersecurity firm Kaspersky.

Kaspersky researchers witnessed a 242 per cent increase in brute force attacks on remote desktop protocols (RDP) compared to 2019. They also discovered 1.7 million unique malicious files disguised as apps for corporate communication.

“Both of these findings reflect how attackers are putting their efforts into targeting users that work from home,” Kaspersky said.

“Having to move employees to working from home in such a short space of time opened up new vulnerabilities that cybercriminals were quick to target. The volume of corporate traffic grew, and users swiftly moved to using third-party services to exchange data, and work via potentially insecure Wi-Fi networks,” it said.

There was a major increase in the number of people using remote-access tools this year.

“One of the most popular application-level protocols for accessing Windows workstations or servers is Microsoft’s proprietary protocol — RDP,” explained Kaspersky.

Cyber frauds to see an uptick in India in 2021: Report

The computers that were made available to remote workers and incorrectly configured grew in number during the first wave of lockdowns across the globe. This led to a rise in cyberattacks. Brute force attacks used to systematically trying to find the correct option to access a system increased. These attacks were launched to find the correct username and password for RPD. A successful attempt resulted in cybercriminals gaining remote access to the target computer in the network.

The total number of Bruteforce.Generic.RDP attacks detected in the first eleven months of 2020 growing by 3.4 times compared to the number of the same type of attacks in 2019. Overall, 3.3 billion attacks on Remote Desktop Protocols were detected between January and November 2020.

Over 36 million attacks were detected in India alone in 2020 between January-November.

Online communication tools

Attackers also targeted popular online communication tools to target users. Kaspersky detected 1.66 million unique malicious files that were spread under the guise of popular messenger and online conference applications, typically used for work.

“Once installed, these files would primarily load Adware – programmes that flooded victims’ devices with unwanted advertising and gathered their personal data for third-party use,” it explained.

Cybercriminals also leveraged another group of files disguised as corporate apps called Downloaders. These applications that may not be malicious, but are able to download other apps, from Trojans to remote access tools.

“This year taught us a lot. The move online was not as flawless as one would imagine, especially given that we already lived in what we thought was a digitised world. As the focus switched to remote work, so did the cybercriminals, who directed their efforts to capitalise on a rise in adoption. There is still a lot to learn about the responsible use of technology, with data sharing at the heart of it’, said Dmitry Galov, security researcher at Kaspersky.

Covid-19 related cyber-attacks soar in Q2 of 2020: Report

Dipesh Kaura, General Manager, Kaspersky (South Asia), said: “The sudden digital boost in a country like India has not only helped its citizens to grow online, but has also made them more aware and careful of the potential online/ cyber threats. From government bodies to enterprises, small and medium businesses, banking institutions, online shopping websites, remotely working employees, students, healthcare professionals, and other online users, all have in the last 11 months become more aware of cybersecurity than ever before. The year has definitely seen a drastic increase in the number of cyberattacks all around the world, but it has also been very crucial in increasing the cybersecurity awareness and cyber maturity amongst people.”

“Organisations and consumers are now ready to talk openly about how they were attacked by cybercriminals, and these discussions are very necessary and helpful for us to understand the potential threats standing in our way and how improving our cyber immunity can help us fight against them,” added Kaura.

Related Topics