Kaspersky reports 52% decrease of attacks against remote desktop protocols

RDP is a popular protocol used by employees to connect to corporate resources, servers and networks remotely. 

According to Kaspersky telemetry, the number of brute force attacks against Remote Desktop Protocol (RDP) in the Middle East has significantly decreased in Q2 2022 by 52% compared to the previous quarter. This downward trajectory could be a result of several reasons. This could be due to the RDP vulnerabilities exposed in the first quarter of the year, due to the workforce switching from remote to hybrid work, or due to organizations adopting secure RDP configurations for their remote employees, making it then a less attractive target.

RDP is a popular protocol used by employees to connect to corporate resources, servers and networks remotely. Attacks against RDP are considered some of the most common tactics used by cybercriminals to explore security vulnerabilities and target computers within an organization’s network. By exploiting insecure or incorrectly configured RDP settings, cybercriminals can log into the system without the victim’s permissions and install ransomware or steal sensitive data.

In the first quarter of 2022, the detections in the Middle East were high at 16,006,243, as compared to the detections in the second quarter which stood at 7,690,416. Despite the decrease, RDP attacks should still be a concern for organizations as they continue to embrace the new reality of hybrid work. According to a recent report by Kaspersky, the financial loss due to a cyberattacks averaged $686K in the region.

In terms of countries, Egypt saw the highest number of detections in the second quarter of 2022 at 2,744,444, followed by the United Arab Emirates at 2,177,380 detections and Saudi Arabia at 2,012,534 detections – this represented a decrease from the previous quarter by 55%, 39% and 53% respectively.

“Remote working comes with security risks and threats and hybrid working is no exception. The fact that employees can access company network anytime from anywhere across devices is a trend to be adopted and adapted to with caution. No doubt companies are trying hard to ensure employees are well-connected to work more collaboratively, and have access to data to meet business needs, but strong and strict security measures need to be place to avoid any slip-ups. Incorrect RDP setting, weak passwords, or use of public WI-FI can result in serious setbacks,” said Maher Yamout, Senior Security Researcher at Kaspersky.