According to Kaspersky telemetry, the number of brute force attacks against Remote Desktop Protocol (RDP) in the Middle East has significantly decreased in Q2 2022 by 52% compared to the previous quarter. This downward trajectory could be a result of several reasons. This could be due to the RDP vulnerabilities exposed in the first quarter of the year, due to the workforce switching from remote to hybrid work, or due to organizations adopting secure RDP configurations for their remote employees, making it then a less attractive target.
RDP is a popular protocol used by employees to connect to corporate resources, servers and networks remotely. Attacks against RDP are considered some of the most common tactics used by cybercriminals to explore security vulnerabilities and target computers within an organization’s network. By exploiting insecure or incorrectly configured RDP settings, cybercriminals can log into the system without the victim’s permissions and install ransomware or steal sensitive data.
In the first quarter of 2022, the detections in the Middle East were high at 16,006,243, as compared to the detections in the second quarter which stood at 7,690,416. Despite the decrease, RDP attacks should still be a concern for organizations as they continue to embrace the new reality of hybrid work. According to a recent report by Kaspersky, the financial loss due to a cyberattacks averaged $686K in the region.
In terms of countries, Egypt saw the highest number of detections in the second quarter of 2022 at 2,744,444, followed by the United Arab Emirates at 2,177,380 detections and Saudi Arabia at 2,012,534 detections – this represented a decrease from the previous quarter by 55%, 39% and 53% respectively.
“Remote working comes with security risks and threats and hybrid working is no exception. The fact that employees can access company network anytime from anywhere across devices is a trend to be adopted and adapted to with caution. No doubt companies are trying hard to ensure employees are well-connected to work more collaboratively, and have access to data to meet business needs, but strong and strict security measures need to be place to avoid any slip-ups. Incorrect RDP setting, weak passwords, or use of public WI-FI can result in serious setbacks,” said Maher Yamout, Senior Security Researcher at Kaspersky.
To keep your company safe from brute force RDP attacks, Kaspersky experts recommend:
- Enable access to RDP through a corporate VPN only
- Enable the use of Network Level Authentication (NLA) when connecting remotely.
- If possible, enable multi-factor authentication
- Use corporate security solution empowered with network threat protection such as Kaspersky Endpoint Security for Business
- Organizations can use the Kaspersky Automated Security Awareness Platform, which builds concrete cyber-hygiene skills and practices
-Ends-
About Kaspersky
Kaspersky is a global cybersecurity and digital privacy company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 240,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.
