06 Sep Are your remote access methods secure?
Remote access for staff is a great business enabler – but are you opening yourself to a world of hurt? An open method of remote access, usually the inbuilt Windows Remote Desktop allows for connections to servers and desktops to allow road warriors to access corporate data and applications. On most occasions a port (hole) is opened through the modem / router or firewall to allow the connection. A method of attack known as a Brute force RDP, where hackers will throw endless combinations of usernames and passwords until they have success will eventually breach this and provide them with all of the access required to cripple your IT Systems.
Here are some great examples of the threat to your business:
“Here’s the case in point that should worry Windows users. RDP is disabled by default in all client and server Windows versions that support the protocol. Nonetheless, a Sonar study conducted by Rapid7 discovered about 11 million Windows endpoints with port 3389 open, with 4.1 million of those “RDP speaking of some manner or another.” Ouch! Considering connecting to a Windows machine via RDP means an attacker can see a target’s monitor output and provide mouse and keyboard input, that’s pretty scary.”
“Incidents of a criminal group using Crysis ransomware to infect enterprise networks where they previously gained access to by brute-forcing workstations with open RDP ports have more than doubled in January 2017, compared to previous months.”
It is time to review your company’s Remote Access methods? Click here to find out.
Author: Shaun Atkinson
Shaun is the head of engineering at OtiumTech. He is passionate about Cyber-Security and finding ways to push SME’s forwards into new technologies.