Vietnam accounts for nearly half of brute-force attacks versus RDP

December 8, 2021 | 10:53 am GMT+7

Kaspersky detected more than 47 million remote desktop protocol (RDP) threats in Vietnam in the first half of 2021, accounting for nearly half of all cases in Southeast Asia.


This number accounts for 42% of the attempted attacks against users of Kaspersky solution in the Southeast Asia region with Microsoft’s RDP installed on their desktops.

A brute-force attack uses trial-and-error to work through all possible combinations, hoping to guess correctly the login info, encryption keys, or find a hidden web page. The Remote Desktop Protocol (RDP) is a proprietary protocol developed by Microsoft which provides a user with a graphical interface to connect to another computer over a network connection.

Compared to the same period in 2020, the number of attempts to attack users through RDP in Vietnam increased by 37%. Explaining the reason for the increase in brute force attacks, experts say that the first half of 2021 is the period when Vietnamese businesses promote information technology application and digital transformation.

Moreover, the complicated situation of the epidemic also creates opportunities for cybercriminals to take advantage of companies' rush to switch to work from home and lack of preparation and poor configuration of RDP servers to perform. brute force attack.

Chris Connell, Managing Director of Kaspersky Asia Pacific, said that the pandemic has clearly accelerated the process of digital transformation, while also affecting each person's work and personal life. Employees in businesses have now embraced many changes in work habits for greater freedom and flexibility, using technology to master current and future work patterns. Companies must adapt and restructure for a more productive, sustainable, and most importantly, safe work environment.

For employees, when working from home will be able to resume, the security firm recommends: Set up a strong password, access RDP only through the business's VPN, if possible, enable authentication two factor, if not using RDP turn it off, and use a reliable security solution.

From an enterprise perspective, it is necessary to closely monitor the programs being used and update them on all company devices in a timely manner. This is no easy feat for many companies today, as the hasty transition to remote working has forced many to allow employees to work or connect to company resources. from their home computer.

Therefore, businesses should provide basic training on keeping computers and networks safe for their employees, helping employees to recognize the most common types of attacks occurring within the company and provides the basics in recognizing suspicious emails, websites and messages.

Strong, complex passwords and different passwords should be used to access company resources. Using multi-factor authentication or two-factor authentication is recommended, especially when accessing financial information or logging into a corporate network. If possible, use encryption on devices used for work purposes.

In particular, it is advisable to always prepare backup copies of important data. In addition, the company's Internet security solution can be used.