The Cloud Threats Memo is a weekly series from Paolo Passeri, digging into a recent cloud threat and highlighting how Netskope can best help mitigate it.
A recent report from ESET has confirmed the massive growth of RDP attacks in 2020, an increase fuelled by the pandemic and the consequent shift to remote working. In particular, the Slovakian security company detected nearly 29 billion RDP brute-force attacks during 2020, corresponding to a whopping 768% YoY increase. An internet-facing RDP server that is misconfigured or vulnerable leaves organizations exposed to multiple risks, primarily ransomware, which is commonly deployed through RDP exploits or misconfigurations (and bear in mind that leaving services exposed is a trend that we’ve also observed in public cloud workloads).
This is just the latest warning about the sharp rise in RDP attacks since the beginning of the pandemic. As organizations adapt to the new normal, they need to make more and more services available to remote workers, and these figures suggest that, at least initially, this process has prioritized productivity over security, implicitly exposing private and public companies to new risks. Note that exposed RDP services are not the only threat in the pandemic era: the past year has seen an unprecedented number of critical vulnerabilities affecting VPN concentrators, another attack vector exploited by cybercriminals to deploy ransomware, and one emphasized in the ESET report as well.
How Netskope mitigates the risk of misconfigured RDP servers
Netskope Private Access allows users to publish resources in a simple and secure ma