Almost every business has heard of RDP or also known as Remote Desktop.
This is a tool that many businesses use to remotely access their computers, even from home, and they have been using this technology for many years. With all of the spikes in COVID, this has become even more popular than before. Unfortunately, the security for this technology has not been able to keep up with the changes and it has become more and more vulnerable.
So, the good – RDP is great for accessing a desktop remotely from within the network or from your home and can allow users to continue working, especially during this time with COVID-19. It is a tool that we -can- keep using but there are some gotcha’s which you will see below that you must be careful of.
The Bad – because this technology has been around for so long and is so widely used, it is also very widely known, and the code for it is available to anyone with the know how to read it. Unfortunately for us, this also includes hackers. There are many people who would love to get access to your network and with the power of computers growing, they need only to write a script and let a computer automatically break in. In fact, this leads to the ugly part of RDP.
The Ugly – Hackers and those whom would compromise your network have found ways to use a “Brute Force” attack against exposed RDP ports – that is to say access points which are left open so people can remote into their work computer. Because many businesses have not transitioned to a safer method, such as VPNs, they are left exposed to this new threat.
Hackers have developed methods to automatically break into these ports by using computers to constantly attack usernames and passwords using extensive password lists. So weakly guarded or simple passwords to make using RDP easier has also made it possible to break in easily as well.
Once in, they can steal information, or plant viruses that run ransomware and encrypt the entire network, forcing companies to fork over huge sums of money if they do not have proper backups in place.
So how can we defend against this new threat? We can change the password, right? Well … no actually. That will not be enough. Nor is changing the port that is used as some tech companies will do in order to provide increased security. In fact, so long as RDP is exposed from the outside it can and will be exploited – it is just a matter of time.
The defense is to close those ports and to stop using Remote Desktop by itself and instead move to a VPN (Virtual Private Network) connection which will encrypt and ensure that all traffic is secure. This will protect the connection and once made, will allow users to safely use Remote Desktop once again.
So, the moral of this is simple – if you are using Remote Desktop make sure that it is in tandem with a VPN connection. If it is not, and you are not in the office then you are exposed and so is the company. VPNs will help prevent security breaches and ensure that hackers and ransomware will have a much less chance of compromising the security of your business.
By. Matthew Ragsdale – Frankenstein Computers, LLC.
July, 2020
Frankenstein Computers has been taking care of our happy clients since 1999. We specialize in affordable IT Support, IT Service, MAC repair, PC Repair, Virus Removal, web design and much more. Give us a call for remote support or drop in to drop off. Check out what our clients are saying about us on Yelp!