*By Otto Pohlmann
There is no doubt that the relationship between professionals and companies with technology will never be the same after the covid-19 pandemic. Thanks to technological solutions, it was possible to maintain employee productivity and even expand the sale of products and services. But all of these benefits bring with them new threats. The increased use of access tools has made cyber attack attempts to grow at the same rate. One of the most explored points by cybercriminals is the RDP protocol (Remote Desktop Protocol), one of the main remote access tools worldwide. The solution, oddly enough, is simpler than it looks: just use software that works through other protocols. There are good options available on the market.
It is a complex situation, because RDP is a proprietary protocol from Microsoft, which in turn controls the Windows operating system, present in the vast majority of corporate and personal computers used by organizations. Recent research reinforces this scenario. A survey by Kaspersky, one of the leading digital security companies, indicates that brute force attacks (brute force) targeting the RDP grew by 333% at the beginning of the pandemic - from 11.6 million in February to more than 50.5 million in April 2020. In addition, Brazil alone accounts for three out of five attacks carried out in the Latin America.
This increase is, of course, justified by the mass adoption of the home office. RDP protocols allow remote access from one machine to another - essential for anyone who wants to connect to teams outside the work environment as seen in current circumstances. The problem is that this system runs on TCP port 3389 or UDP 3389, making the remote connection public - and it is this loophole that cybercriminals take advantage of. A report by Netscout, a provider of cybersecurity solutions, identified that attacks are amplified on these vulnerable ports, redirecting traffic to IP addresses and, consequently, increasing denial of service (DDoS) attacks.
This type of attack that brings down servers undoubtedly brings complications, but it is not the only problem that the protocol's vulnerability can bring to corporations. The brute force attacks, already mentioned, are attempts to undue access by means of logins with more common passwords. The objective is precisely to try to access the system in question and, thus, steal the data that are available. In addition, there are the dreaded attacks of ramsonware, which also explore security holes in the RDP protocol. That malware it simply encrypts the company's sensitive information in search of a cash ransom (involving huge amounts).
To protect their systems, companies adopt several security tools, but the solution is much simpler. Currently, some features are already available on the market that also allow remote connection on all operating systems, including Windows, but which use another protocol instead of RDP. One of the most important is the RXP protocol, developed by GraphOn in its products, mainly Go Global. With it, it is possible to guarantee the same advantages that the Microsoft resource offers in the remote connection, but without the security breach that is commonly exploited by cybercriminals. A simple measure that brings more security to the traffic of information between employees and the organization.
Digital security is one of the topics considered a priority in the strategy of any business - digital or not. The covid-19 pandemic made clear the importance of data and systems in the corporate routine. Losing or leaking them is catastrophic and can be a ruin for the company. The point is that the best protection is not always in the amount of tools used, but rather by the quality of these solutions. In some cases, as in the protocol that allows remote access, just find resources that use another option than the one normally used.
* Otto Pohlmann is CEO of Centric
Notice: The opinion presented in this article is the responsibility of its author and not of ABES - Brazilian Association of Software Companies
EN 
PT 
