RDP: Cybercriminals’ Favorite Gateway in 90% of 2023 Attacks

Remote Desktop Protocol: Cybercriminals’ Preferred Gateway! In a comedic twist of fate, RDP has rolled out the red carpet for 90% of 2023’s cyber heists, making it the digital world’s ‘Most Wanted’ for unwanted access.

Hot Take:

It looks like Remote Desktop Protocol (RDP) was the VIP pass for cybercriminals to the hottest party of the year – the ‘Hack-a-Thon 2023’. The red carpet was rolled out, and attackers strutted down it, exploiting RDP in nine out of ten cyberattacks. And here we thought RDP stood for ‘Really Dependable Protection’… Whoops!

Key Points:

  • RDP has been the main culprit in 90% of cyberattacks in 2023, reaching new heights of notoriety.
  • Sophos’ research, based on over 150 incidents, reveals that 65% of cyber invasions began with the attackers charming their way in through RDP.
  • External remote services are the cybercriminal’s gateway drug, being the most common initial access method since Sophos started keeping score.
  • Cyberattackers are like bad exes, with one victim getting compromised four times in six months via exposed RDP ports.
  • FBI, CISA, and ACSC have put up the equivalent of a “Beware of Dog” sign, urging businesses to limit RDP use to avoid the BianLian ransomware group’s bite.

Need to know more?

Remote Desktop Protocol: Cybercriminals' BFF

Imagine RDP as the Swiss Army knife in a cybercriminal's toolkit - it's versatile, reliable, and apparently very popular among the hacking community. According to Sophos, it's the tool of choice for initial access, being responsible for kick-starting the party in two-thirds of the reported breaches. Think of it like the friend who always knows a guy who can get you into the club - except the club is your network, and you definitely didn't put them on the list.

When RDP Turns VIP (Very Important Problem)

It's like a sequel in a horror movie franchise where the villain keeps returning; an attacker breached the same victim four times in half a year. This persistence shows that RDP is like leaving your front door open with a sign that says "Free Cookies Inside". Sophos' John Shier plays the role of the wise old man in the movie, warning that the risks of RDP are like dancing with the devil in the pale moonlight. Spoiler alert: it doesn't end well for the dancers.

Law Enforcement's Take: "It's a Trap!"

Our buddies at the FBI, CISA, and ACSC are like the neighborhood watch, advising everyone to rein in the use of RDP to avoid becoming the next target of BianLian's ransomware shenanigans. They want businesses to treat RDP like that one relative you only invite to family gatherings out of obligation - limit their access and watch them closely.

Morals of the Story

What's the takeaway from this tale of cyber woe? If you're using RDP, it's time to tighten up those security protocols and maybe even consider a different solution. Otherwise, you could be starring in the next cyberattack horror story, and let's face it - those never have a happy ending. Until then, keep an eye on TechRadar Pro for all the cybersecurity gossip you didn't know you needed.
