Cyberattack risk alert on Remote Desktop Protocol by FBI
The warnings issued by the FBI concerns the sales of Remote Desktop Protocol (RDP) connection credentials by hacker forums. By purchasing such a connection, anyone can control the server to which the credentials correspond to. As credentials of critical facilities such as those of airports might be available, it poses a great risk to the public.
The most popular method of RDP attacks occurs through ransomware, where the user is denied access from the system or data. Access is only allowed upon making a “ransom” payment.
The reason why the availability of such credentials (and at cheap prices) is so risky is that it allows the buyer to access the device remotely and take complete control over it. The device owners may be threatened to be blackmailed or their sensitive documents may be exposed if a sum is not paid. Also, once in control, the crooks have the ability to install harmful viruses which will destroy the system data.
Here is how you can protect yourself from RDP attacks
Try to avoid public, insecure networks. Even with credentials in possession of the hacker, frequent logins can be avoided. A firewall, which prevents illegal logins must be used in devices which use RDP for security.
- Using strong passwords for your logins. Breaching weak passwords might only be a matter of time, where malicious robots on the network can crack your password.
- Use 2-step login methods, where logging in does not depend only on the password. Here a verification code will be sent to another device such as your mobile phone. You can choose whether or not to keep a 2-step verification in a particular computer and if you do not need it in that computer you will still be safe as 2-step verification will be prompted for if an attempt to log in from another computer is made.
- Set the login lockout settings to lockout a hacker, who attempts multiple failed logins. This will block the IP of the would-be hacker attempting to bust your account. This will further enhance the security of your RDP protocol.
- Avoid using the 3389 port which is the default. Shifting to another makes it difficult for a hacker to get to your device.
- Update your device regularly as the new updates will contain solutions for the latest risks and threats. This includes updating your RDP protocol.