How long does it takes for Internet-facing, RDP-enabled computers to come under attack? In some cases, a few minutes. In most, less than 24 hours.
The problem with RDP
“In recent years, criminals deploying targeted ransomware like BitPaymer, Ryuk, Matrix, and SamSam have almost completely abandoned other methods of network ingress in favor of using RDP,” say Sophos researchers Matt Boddy, Ben Jones, and Mark Stockley.
“Gangs like these have the choice cracking passwords themselves using tools like NLBrute, buying passwords cracked by others, or buying accounts on compromised RDP servers.”
To get an idea of how many attacks RDP servers are facing daily, they have set up 10 geographically dispersed Amazon EC2 instances running Windows Server 2019, with RDP enabled but secured with a “prohibitively strong pas ..
Support the originator by clicking the read the rest link below.
