A Kaspersky report showed that the number of brute force attacks to people working from a distance in Southeast Asia dropped significantly in 2022. The report was based on statistics about the top six economies in the region, namely Singapore, Malaysia, the Philippines, Indonesia, Thailand and Vietnam.
Bruteforce Generic RDP is a type of attack where a hacker uses the method of guessing password or encryption key and tries all possible combinations to find the correct passwords.
The purpose is finding the users’ information to log in on Remote Desktop Protocol (RDP), Microsoft's proprietary protocol for connecting remote computers.
Companies in Vietnam, Indonesia and Thailand are the biggest targets for hackers. The connection, control over servers and other personal computers from a distance are used widely by all system administrators and non-technical users. Therefore, if they succeed, attackers obtain the right to access servers from a distance through the accounts of workers of these companies.
A Kaspersky report showed that nearly 76 million Bruteforce Generic RDP were prevented in Southeast Asia in 2022 and the total number of attacks last year was cut by half in comparison with 2011, when many regional countries conducted social distancing campaigns.
In Vietnam, Kaspersky reported that the number of Bruteforce Generic RDP causes prevented in 2022 was 31.5 million, the highest number among the six surveyed countries. However, the number of attacks of this type saw a sharp decrease which was just one-half of 2021 (59 million cases in 2021).
Explaining this, Yeo Siang Tiong, CEO of Kaspersky Southeast Asia, said at first sight, the decrease in number of attacks is a good sign because after the pandemic, workers have returned to office to work offline or combined both offline and online work.
However, when considering broader threat, experts can see that there have been more and more ransomware groups exploiting remote connection protocols to obtain the right for initial access to enterprises. This is something security teams need to pay special attention to.
To reduce the risk and possible impact of ransomware attacks caused by RDP Bruteforce, the expert says businesses need to implement the so called "comprehensive defense" against well-organized and targeted cyberattacks.
Van Anh