90% of businesses facing RDP attacks
Research from network threat detection and response company Vectra suggests that 90% of organisations could be facing some form of malicious RDP behaviours.
Between January and June this year, Vectra’s Cognito platform detected 26,800 suspicious RDP behaviours in more than 350 deployments. More than 90% of these deployments exhibited RDP attacker behaviour detections.
The most frequently targeted industries include manufacturing and finance, at 10 and eight detections per 10,000 workloads and devices. Together with the retail sector, these three industries accounted for nearly half (49.8%) of all RDP detections.
The government and healthcare sectors rounded out the top five list of the most frequently targeted industries.
But while the manufacturing industry has the highest rate of RDP detections, IT managers within these organisations are more likely to weigh the cost and time savings to centralised management enabled by RDP more heavily against the increased attack surface presented.
“Cybercriminals know that RDP is an easy-to-access administrative tool that allows them to stay hidden while carrying out an attack,” Vectra Head of Security Analytics Chris Morales said.
“It’s essential for security teams to understand how RDP is used by attackers because it will continue to be a threat in the near future.”
Information Technology Professionals Association (ITPA) is a not-for-profit organisation focused on continual professional development for its 18,700 members. To learn more about becoming an ITPA member, and the range of training opportunities, mentoring programs, events and online forums available, go to www.itpa.org.au.
Microsoft has revealed it is ready to release a relatively feature-sparse Windows 10 November...
Microsoft has added a new Tamper Protection feature that will be enabled by default on the free...
Akamai researchers have uncovered an attack campaign seeking to exploit the critical...