Recent ESET research shows a staggering increase in the number of attacks against Remote Desktop Protocol in 2020--a clear sign of how effective the method is when breaching networks and compromising machines.
Microsoft's February security update fixes the vulnerability that can result in reverse RDP attacks in the built-in Windows RDP client, but third-party RDP clients are still vulnerable, Check Point said.
The shift to remote work has caused a spike in the number of RDP servers exposed to the Internet, along with an increase in the number of scans for those servers.
Microsoft looked at Windows Events Log to understand what RDP brute-force attacks looked like in the enterprise, and found that attackers frequently space out the login attempts over several days to avoid detection.
Attacks using Remote Desktop Protocol continue to be tremendously successful. It turns out many attackers are combining RDP attacks with ransomware.