512-331-0787 Client Center ☰ ˟
Logo
Client Center Call Us: 512-331-0787 Text Us: 512-980-9469
  • Home
  • Get A Quote ›
    • Automobile
    • Business & Commercial
    • Commercial Auto
    • Disability
    • Homeowners
    • Life
    • Long Term Care
    • Motorcycle
    • Recreational Vehicle
    • Renters
    • Watercraft & Boat
  • Our Products ›
    • Products
    • Home & Auto Insurance
    • Auto Insurance ›⤵
      • Auto Insurance
      • Liability Coverage
      • Comprehensive Coverage
      • Collision Coverage
      • Uninsured & Underinsured Motorist Coverage
      • Accident Forgiveness
      • Roadside Assistance
      • Specialty Auto Insurance
      • 24-Hour Customer Service
      • Towing
      • Rental Reimbursement
      • SR-22 Insurance
      • Personal Injury Protection (PIP)
      • Medical Payments Coverage
    • Home Insurance ›⤵
      • Home Insurance
      • Property Insurance
      • Homeowners Liability
      • Renters Insurance
      • Condo Insurance
      • Mobile Home Insurance
      • Scheduled Property Insurance
      • Landlords Insurance
      • In-Home Business Insurance
    • Other Personal Insurance ›⤵
      • Other Personal Insurance
      • Identity Theft
      • Jewelry Insurance
      • Personal Umbrella Insurance
      • Personal Cyber Insurance
      • Pet Insurance
      • Data Backup
    • Life Insurance ›⤵
      • Life Insurance
      • Individual Life Insurance
      • Group Life Insurance
      • Long-Term Care Insurance
      • Disability Insurance
      • Second-To-Die Policy
      • Key Person (Key Men) Insurance
    • Recreational Vehicle Insurance ›⤵
      • Recreational Vehicle Insurance
      • Boat Insurance
      • Motorcycle Insurance
      • Motorhome Insurance
      • ATV Insurance
    • Additional Insurance Services ›⤵
      • Special Event Insurance
      • Vacation Rental Property Insurance
    • Coverage for Specific Industries ›⤵
      • Coverage for Specific Industries
      • Auto Repair Shop Insurance
      • Church and Nonprofit Organizations
      • Construction Insurance
      • Educational Facility Insurance
      • Healthcare Practice Insurance
      • Landscaping Insurance
      • Law Firm Insurance
      • Machine Shop Insurance
      • Pool & Spa Insurance
      • Personal Trainer Insurance
      • Real Estate Business Insurance
      • Retail Insurance
      • Specialty Trade Contractors Insurance
      • Water Well Drillers Insurance
    • Coverage for Your Business ›⤵
      • Coverage for Your Business
      • Bonds
      • Business Owners Policy (BOP)
      • Commercial Auto Insurance
      • Commercial General Liability
      • Commercial Property Insurance
      • Commercial Umbrella Insurance
      • Crime Insurance
      • Cyber Liability Insurance
      • Fidelity Bonds
      • Loss Control Insurance
      • Inland Marine Insurance
      • Professional Liability
      • Surety Bonds
      • Workers Compensation
    • Coverage for Your Employees ›⤵
      • Coverage for Your Employees
      • Group Disability Insurance
      • Disability Insurance
      • Individual Life Insurance
  • Blog
  • Social Feed
  • Payment/Claims
  • Our Agency ›
    • Client Center
    • Services Areas›⤵
      • TEXAS
      • Austin
      • Cedar Park
      • Georgetown
      • Houston
      • Jonestown
      • Lago Vista
      • Lakeway
      • Leander
      • Liberty Hill
      • Pflugerville
      • Point Venture
      • Round Rock
      • WASHINGTON
      • Spokane
    • About ›⤵
      • About
      • Our Staff
      • Our Locations
    • Referral Program
    • Newsletters
    • Blog
    • Get A Quote
    • Our Providers
    • Community Involvement ›⤵
      • Community Involvement
      • Superhero Kids
  • Contact Us ›
    • Contact Us
    • Contact Us
    • Location & Hours
Auto and Home Icon

Auto & Home

We browse through a wide variety of coverages and find the right one for you.

Learn More
Business Icon

Business

We browse through a wide variety of coverages and find the right one for you.

Learn More
Life and Health Icon

Life & Disability

We browse through a wide variety of coverages and find the right one for you.

Learn More
RV and Boat Icon

RV & Boat

We browse through a wide variety of coverages and find the right one for you.

Learn More
Annuities Icon

Motorcycle

We browse through a wide variety of coverages and find the right one for you.

Learn More
Home > Blog > Preventing Ransomware Exposures From Remote Desk Protocol
MONDAY, APRIL 12, 2021

Preventing Ransomware Exposures From Remote Desk Protocol

Cyber crime graphic Remote desk protocol (RDP)—which is a network communications protocol developed by Microsoft—consists of a digital interface that allows users to connect remotely to other servers or devices. Through RDP ports, users can easily access and operate these servers or devices from any location. RDP has become an increasingly useful business tool—permitting employees to retrieve files and applications stored on their organization’s network while working from home, as well as giving IT departments the ability to identify and fix employees’ technical problems remotely.

Unfortunately, RDP ports are also frequently being leveraged as a vector for launching ransomware attacks, which entail a cybercriminal deploying malicious software to compromise a device (or multiple devices) and demand a large payment be made before restoring the technology for the victim. In fact, a recent report from Kaspersky found that nearly 1.3 million RDP-based cyberattacks occur each day, with RDP reigning as the top attack vector for ransomware incidents.

Don’t let RDP contribute to a costly ransomware incident for your organization. Review the following guidance to learn more about how ransomware attacks can occur via RDP and best practices for minimizing the likelihood of such an incident.

Ransomware Attacks via RDP

RDP-based ransomware attacks usually stem from organizations leaving their RDP ports exposed to the internet. Although doing so can seem more convenient for employers in the scope of remote work operations, internet-exposed RDP ports are easy for cybercriminals to identify and offer a clear access point for deploying harmful attacks.

The typical process of an RDP-based ransomware attack is as follows:

  1.  Scanning—First, a cybercriminal utilizes a port-scanning tool to search the internet for any exposed RDP ports. These scanning tools are often free and relatively simple to operate for attackers of varying skill levels. 
  2.  Gaining access—After identifying an exposed RDP port, the cybercriminal then gains access to the targeted server or device by using stolen credentials. Attackers can secure these credentials by either purchasing them on the dark web or implementing a brute-force tool that can rapidly input a series of usernames and passwords until the correct combination is found. 
  3.  Disabling security features—Once the cybercriminal has accessed the targeted server or device, they attempt to make it as defenseless against an attack as possible by disabling any existing security features (e.g., antivirus software, data encryption tools and system backup capabilities). 
  4.  Executing the attack—From there, the cybercriminal is able to steal sensitive data and deploy a ransomware attack on a vulnerable server or device. Some attackers even install backdoors during this step to allow for easy access during future attacks. 

Like other ransomware incidents, RDP-based attacks can result in devastating ramifications for the impacted organization—including business interruption issues, reputational damages and large-scale financial loss.

Strengthening RDP Against Ransomware

Although RDP-based ransomware attacks have become increasingly common, there are several ways for you to bolster your organization’s RDP security and lessen the risk of such an incident impacting your operations. Consider the following best practices:

  •  Close your RDP connection. First and foremost, ensure that your RDP connection is not open to the internet. 
  •  Establish a virtual private network (VPN). To keep your RDP port from being exposed to the internet, be sure to establish a VPN. This will allow remote employees to securely access your organization’s RDP port, while also making the port far more difficult for cybercriminals to locate online. 
  •  Elevate authentication protocols. Because cybercriminals require login credentials to properly execute an RDP-based ransomware attack, make sure you have effective user authentication protocols in place. Specifically, encourage employees to develop unique passwords for all of their devices and accounts. These passwords should be an appropriate length, refrain from using common words or phrases, and contain several special characters. In addition to strong passwords, consider requiring multifactor authentication for RDP port access as an extra layer of protection. 
  •  Implement login attempt limits. To stop cybercriminals from being able to deploy brute-force tools to secure login credentials during an attack, update RDP port protection features to detect when multiple failed login attempts have occurred in a short period of time. Establish a limit on how many incorrect logins can occur before the user is blocked from further attempts—therefore halting an attack. 
  •  Utilize adequate security software. Ensure all workplace technology is equipped with top-rated security software—including antivirus programs, a firewall, data encryption features and a gateway server—to deter attempted attacks. Update this software on a regular basis. 
  •  Restrict employee access. Be sure to uphold the principle of least privilege by only providing employees with RDP access if they absolutely need it to conduct their work tasks. These employees should be trusted and trained in appropriate RDP usage. After all, granting extra employees unnecessary RDP permissions simply creates additional security gaps. 
  •  Have a plan. Lastly, make sure your organization has an effective cyber incident response plan in place that addresses RDP-based ransomware attack scenarios. This plan should promote the backup storage of any critical data in multiple secure locations (both on-site and off-site) to minimize potential losses. Practice this plan regularly with staff and make updates as needed.

For additional risk management guidance and insurance solutions, contact us today.

Posted 4:14 PM

Share |


No Comments


Post a Comment
Required
Required (Not Displayed)
Required


All comments are moderated and stripped of HTML.

NOTICE: This blog and website are made available by the publisher for educational and informational purposes only. It is not be used as a substitute for competent insurance, legal, or tax advice from a licensed professional in your state. By using this blog site you understand that there is no broker client relationship between you and the blog and website publisher.
Blog Archive
  • 2023
  • 2022
  • 2021
  • 2020

  • tips(42)
  • business insurance(32)
  • auto(17)
  • home insurance(16)
  • auto insurance(12)
  • insurance(9)
  • safety tips(8)
  • home(7)
  • cyber liability insurance(7)
  • safety(7)
  • life insurance(6)
  • risk management(5)
  • commercial insurance(5)
  • cyber security(4)
  • commercial property insurance(4)
  • homeowners(4)
  • coverage(4)
  • policy(4)
  • workers comp(3)
  • general liability(3)
  • renters insurance(3)
  • construction industry(3)
  • homeowners insurance(3)
  • contractors(3)
  • commercial auto(2)
  • directors & officers(2)
  • discounts(2)
  • motorcycle(2)
  • osha guidelines(2)
  • business auto(2)
  • religious organizations(2)
  • cybersecurity(2)
  • personal liability(2)
  • covid-19(1)
  • accident fraud(1)
  • partnerships(1)
  • directors and officers(1)
  • taylor(1)
  • business(1)
  • owners(1)
  • life events(1)
  • flood insurance(1)
  • skin cancer(1)
  • faq(1)
  • insurance policy(1)
  • eco-friendly lifestyle(1)
  • pets(1)
  • green living(1)
  • landlord insurance(1)
  • accidents(1)

View Mobile Version

Contact Us Today!
512-331-0787

Social Social Social

Resources

  • Products
  • Customer Service
  • Payment Options
  • Social Feed
  • Report a Claim
  • About Us
  • Refer A Friend
  • Our Carriers
  • Blog
  • Contact Us

Contact Us

1841 S Lakeline Blvd. Ste 101-302 | Cedar Park, TX 78613
P: 512-331-0787 | Text: 512-980-9469 | F: 512-506-8115
Email Us: Personal Lines | Commercial Lines
© Copyright. All rights reserved. | Powered by Insurance Website Builder