10 Remote Desktop Tips to Avoid a Ransomware Attack
‘Remote Desktop Protocols’ (or RDP) is a term likely mentioned during the weekly roundup meetings of every business looking to survive the unsettling times associated with the COVID pandemic. But could they also allow hackers into your systems?
"47% of ransomware attackers leveraged remote desktop Protocol according to Kroll in 2020"
What is RDP?
Remote Desktop Protocols are host-based services which allow employees to work from home and carry out their usual work duties and responsibilities by accessing their companies’ internal data. By implementing such tools, organisations are hoping they can weather the unforeseen crisis of Covid-19 and adhere to the strict government guidelines that are currently imposed.
How secure is RDP?
On the face of things remote working looks to be a great alternative to the more conventional working environments that are currently unavailable to the workforce. But the question is; How safe is it?
In a recent report published by Kroll - an investigations and risk consulting firm based overseas - ‘Remote Desktop Protocol’ was amongst the most corruptible access points for businesses and a likely target for cybercriminals. In their findings the firm highlighted 4 potential areas of concern for any business looking to mitigate cyber security risk.
Top 4 areas of risk
- Remote Desktop Protocols
- Phishing Emails
- Account Takeover
- Vulnerability Exploit
RDP was by far the most exploited access point.
The criminals behind these recent extortion cases are looking to exploit the hectic times we live in, and the ignorance of a disoriented workforce and IT team. But this doesn't mean it has no place in company growth moving forward. When implemented correctly RDP is a lifeline to the corporations that choose to use the concept. But the tools we use for our productivity are only as secure as the person that implements them. An organisation with a rigid, well informed cybersecurity team should be able to mitigate large areas of concern associated with RDP. Thus allowing the organisation/institution safe access to an essential employment tool.
10 ways you can help mitigate risk when using RDP
Strict access controls (Make sure only the intended personal has access to sensitive controls)
Only use secure internet when using RDP, never open networks (Such as WiFi Hotspots)
Training for staff and personnel on basic IT security. (This should include spotting suspicious emails or online links)
Install 2FA (Two Factor Authentication) on all RDP equipt devices
Keep devices used within your organisation updated
Keep passwords and access keys long and random
Have a login limit (for example 3 failed attempts then lockout)
Ensure your company has a separate database not connected to the primary company network
Use a recommended VPN (Virtual Private Network) when accessing RDP data
Use a trusted firewall to restrict unauthorised IPs accessing your RDP
It’s down to you
With all online-based tools there will be an element of risk, but those risks can be reduced considerably by carrying out basic IT maintenance, which includes educating staff and personnel on the protocols of remote working, and keeping devices and machinery up to date.
We Fight Fraud's head of Cyber, Solomon Gilbert says:
"Don't automatically go to RDP because it's an established solution. There are other more modern solutions to remote working which may be better for your organisation."
WFF provides real-world assessment and training to a wide range of businesses, help them identify, understand and manage their risk from criminal attacks.