ABBY F., accesses her computer in the office from her home laptop. Since the lockdowns of March 2020, she has progressed from having someone physically copy files onto a hard disk from her computer to remotely accessing it via RDP or remote desktop protocol software.
Like Abby, millions of workers across Southeast Asia have taken up remote desktop route in order to work from home, and in most cases, the workstation set-ups and connections were hastily done because of the compelling need to keep businesses running. The result was sloppy installations with little or no added layers of security, except that which already came with the RDP software. This caused a lot of headaches for companies that were struck with RDP attacks, which are not even going away soon, according to Kaspersky.
Data from the cybersecurity company showed RDP attack attempts among Kaspersky users in Southeast Asia increased by 149 percent from 2019 to 2021. The RDP attacks recorded in the region was only 65,651,924 in 2019 but ballooned to 214,054,408 in 2020 when most of the region’s workforce were forced to temporarily leave their offices to work from their homes full-time.
In 2021, when the hybrid protocols were put in place and employees were given the flexibility to work at the office and remotely, RPD attacks declined by an average of 20 percent proving that the more secure environment of the office server had given an extra layer of protection to company data and assets. However, compared to 2020, the numbers are still higher than in 2019.
RDP or remote desk protocol is Microsoft’s proprietary protocol that enables a user to connect to another computer through a network of computers running Windows. It is widely used by both system administrators and less-technical users to control servers and other PCs remotely but this tool is also what intruders exploit to penetrate the target computer that usually houses important corporate resources. Microsoft 365 remains the preferred productivity software in the business sphere, followed by Google Workspace.
When devices are outside the company’s local network, away from the protection of the IT department, confidential information will always have a huge potential to be stolen or lost due to carelessness.
With the first wave of lockdowns, computers that have been hurriedly made available to remote workers were incorrectly configured. This scenario provided an opportunity for cybercriminals to launch attacks, particularly using brute-force attack attempts (systematically trying to find the correct username-password pair) to successfully get remote access to the target computer in the network.
“The experience during the pandemic has put forth a collective clamor all over the world to shift to a hybrid work setup. Sectors such as finance, information, management, and professional services have shown to benefit from working and collaborating remotely,” says Yeo Siang Tiong, general manager for Southeast Asia at Kaspersky.
“The hike in RDP attacks during this period is not unique to the SEA region. Globally, this type of threat rose 120 percent from 2019 to 2021. Given that remote work is here to stay, we urge companies to seriously look into securing their remote and hybrid workforce to protect their data,” he said.
