June 19, 2021

Attacks on remote systems quadruple – La Provincia

TheBrute Force Cyberattacks Against Remote Desktop Systems (RDP)used by companies fortelecommutinghave quadrupled inSpain, until reaching 19 million in March, compared to 5 million in the previous month.

This is clear from a report prepared by the company ofcybersecurityKaspersky, who has analyzed the transition to telecommuting of companies around the world, including Spain, and who has detected a“massive increase in the number of brute force attacks on the remote desktop protocol”, as reported in a statement.

These types of brute force attacks seek to identify the RDP username and password through a trial and error process until the correct combination is found. Once inside,the cybercriminal can carry out actions such as espionage or theft of confidential information.

According to the investigation, the rebound in the number of attacks began in early March, when in countries such as Spain, measures of confinement began to be adopted.

In March, the total number of brute force attacks in all the countries analyzed by Kaspersky increased from 28,763,176 to 96,724,857, an increase of236 percent compared to the number of attacks registered in February.

In the specific case of Spain, the number of attacks multiplied by four, reaching the figure of 19.2 million in March compared to 4.7 million the previous month.The peak of attacks took place on March 19,day in which 1.3 million attacks were exceeded.

Furthermore, RDP is not the only protocol vulnerable to cyber threats, and at the end of last year, Kaspersky experts found 37 vulnerabilities in four implementations of theVNC (‘Virtual Network Computing’), another popular remote access protocol.

The companies that carried out thetransition to teleworktoo quickly for the coronavirus“they were more susceptible to sufferingthese kinds of attackssince their employees had to access corporate resources from their personal computer through networks that had few protection measures, “said Dmitry Galov, security researcher at Kaspersky.

Kaspersky recommends taking security measures before connecting to a corporate network from home, such as always using different and strong passwords,keep the ‘software’ of the device updated,use encryption whenever possible and make backup copies of critical data, among others.

For its part, it is advisable for companiesenable access to RDP through a corporate VPN, use network level authentication (NLA) for remote connection and use two-factor authentication.


Source link