Ugly times for Remote Desktop Protocol (RDP) connections
Austin Ukpebor, Ph.D., CISSP
Cybersecurity Professional | Researcher | Adjunct Professor | Mentor
Companies have few options other than to embrace the new normal (work from home) because of the current global pandemic. To keep the business running and meet customers' growing competitive demands, organizations have turned to RDP servers, and demand for them has surged astronomically. Unfortunately, a number of organizations have not been able to build robust security against RDP vulnerabilities, and RDP is a known vector for many attacks. Consequently, RDP attacks have spiked significantly in the US, Spain, Italy, Germany, France, Russia and China, as reported by VPN service provider Atlas VPN.
Security experts strongly discourage the use of RDP servers even when you are using strong passwords, two-factor authentication and digital certificates. If you need RDP, use it over a secure VPN connection.
To mitigate RDP server vulnerabilities, it is strongly advised to adopt the following:
· Patch the server regularly
· Change the listening port for Remote Desktop
· Use an RDP gateway
· Implement credential lockout policy
· Use strong passwords
· Use two-factor authentication
· Use digital certificates
· Use firewalls for access
· Avoid direct connections to the internet
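A read-only way to check a Windows host against several items in this list (listening port, lockout policy, firewall scope, patch recency), as an added PowerShell example that is not part of the original article. It assumes an English-language Windows installation and an elevated session, and the 30-day patch window is an illustrative threshold, not a figure from the article.

```powershell
# Added example: read-only audit of one Windows host against the checklist above.
# Assumptions: English-language Windows, elevated PowerShell session.
$maxPatchAgeDays = 30   # illustrative threshold, not from the article
$ts  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$tcp = "$ts\WinStations\RDP-Tcp"
$findings = @()

# Is RDP accepting connections at all? fDenyTSConnections = 0 means yes.
$enabled = (Get-ItemProperty -Path $ts).fDenyTSConnections -eq 0
$findings += [pscustomobject]@{ Check = 'RDP enabled'; Value = $enabled; Review = $enabled }

# Listening port; 3389 is the default that the list recommends changing.
$port = (Get-ItemProperty -Path $tcp).PortNumber
$findings += [pscustomobject]@{ Check = 'Listening port'; Value = $port; Review = ($port -eq 3389) }

# Account lockout threshold; "Never" allows unlimited password guesses.
$line = net accounts | Select-String -Pattern 'Lockout threshold'
$threshold = if ($line) { ($line.Line -split ':', 2)[1].Trim() } else { 'unknown' }
$findings += [pscustomobject]@{
    Check = 'Lockout threshold'; Value = $threshold
    Review = ($threshold -in 'Never', 'unknown')
}

# Enabled inbound Remote Desktop firewall rules that accept any remote address
# indicate the service is not restricted to a VPN or gateway range.
$open = Get-NetFirewallRule -DisplayGroup 'Remote Desktop' -ErrorAction SilentlyContinue |
    Where-Object { $_.Enabled -eq 'True' -and $_.Direction -eq 'Inbound' } |
    Get-NetFirewallAddressFilter |
    Where-Object { $_.RemoteAddress -contains 'Any' }
$openCount = @($open).Count
$findings += [pscustomobject]@{
    Check = 'Firewall rules open to Any'; Value = $openCount
    Review = ($openCount -gt 0)
}

# Patch recency: date of the most recently installed update.
$last = (Get-HotFix | Where-Object InstalledOn |
    Sort-Object InstalledOn -Descending | Select-Object -First 1).InstalledOn
$age = if ($last) { ((Get-Date) - $last).Days } else { $null }
$findings += [pscustomobject]@{
    Check = 'Days since last update'; Value = $age
    Review = (-not $last -or $age -gt $maxPatchAgeDays)
}

# Review = True marks an item that needs attention.
$findings | Format-Table -AutoSize
```

Firewall rules created by hand for a non-default port are not in the built-in "Remote Desktop" group, so a changed port needs its own rule checked separately.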
RDP is an inevitable resource despite the associated vulnerabilities. Organizations are advised to adhere to its best practices to frustrate hackers who would be especially interested in exploiting RDP vulnerabilities. Free RDP tools should not be used. More importantly, logging should be enabled in a fashion that is auditable. Ultimately, RDP should not be used unless it is absolutely necessary.