Kaspersky has recorded 4,877,645 attempted brute-force attacks against the security solutions provider’s users in the country from January to June 2021. This translates to a 98.41% jump compared to the recorded attacks in the same period last year—2,258,364 attacks.
The affected Kaspersky users were using Microsoft’s Remote Desktop Protocol (RDP) installed in their PCs. RDP is a proprietary protocol used to control servers and at the same time remotely connect to other PCs running Windows. A brute-force attack involves guessing a password or encryption key by systematically trying out all possible combinations of characters until a correct one is found.
In the Philippines, the majority of desktops come with Microsoft operating system. These are devices heavily relied upon by employees who are working from home amid strict community quarantines.
It can be recalled that as early as March 2020, Kaspersky researchers had already observed a rapid increase in cybercriminal activity, particularly attacks against corporate resources when remote work was hastily pushed among workers worldwide.
“The hurried mass transition to home working has given cyber attackers this logical conclusion that poorly configured RDP servers would surge and then we saw the number of attacks shoot up tremendously,” said Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky. “Attacks on remote-access infrastructure, including collaboration tools, are unlikely to stop anytime soon so we call on businesses and employees to look into securing their work-from-home set-up better.”
Companies with remote-working employees who use RDP should take these possible protective measures:
- Use strong passwords.
- Make RDP available only through a corporate VPN.
- Use Network-Level Authentication (NLA).
- Enable two-factor authentication.
- Disable RDP if it is not used and close port 3389.
- Use a reliable security solution like the Kaspersky Total Security (KTS) that facilitates advanced scanning and extended protection for securing WiFi networks and peripherals.