While attention on Covid-19 has primarily focused on the social and medical fallout, a recent study has made reference to a “cyberpandemic” taking hold in the new world of remote working. 

Figures from ESET have shown that in the wake of the virus, a major shift has been seen away from traditional office spaces in favor of remote desktop software as businesses look to respect social distancing and slow the spread of the virus. As a result, more firms are relying on Remote Desktop Protocol (RDP) and other remote access solutions for day-to-day operations. 

Unfortunately,  that means more and easier targets for cybercriminals, with ESET’s report detailing an astonishing rise in the number of brute-force cyber attacks targeting businesses using RDP — more than 100k new attacks per day. While the term “cyberpandemic” may seem sensational, it is nonetheless fitting given that the number of attacks has more than doubled in recent months.

Business fightback

By nature, RDP and other remote access protocols are less secure than in-office connections, as sensitive information has to be sent over the Internet. However, according to a recent Verizon study, more than 80% of hacker-related breaches can be traced back to weak passwords. 

So while cyber criminals have upped their activity, businesses have been slow to respond and are ‘missing the mark’ when it comes to training employees on the potential security dangers of working from home. 

A sharp rise in the number of brute-force RDP attacks in recent months. (Image credit: ESET.com)

ESET says that the greatest risk for businesses comes from ransomware attacks, in which cyber criminals infiltrate a company’s servers, and then encrypt or otherwise take control of sensitive information. Companies are forced to pay, or risk losing the data or having it released to the public.

Businesses looking to mitigate risks can do so by enforcing strong password management, using multi-factor authentication, and enacting simple but effective training regarding the risks of working remotely.

Source Article