Breaking passwords continues to be a trusted tool by cybercriminals to try to infiltrate into firms in Southeast Asia (SEA), based on the latest findings by global cybersecurity company Kaspersky.
From January to December 2024, Kaspersky solutions used by businesses here detected and blocked more than 53 million bruteforce attacks.
Bruteforce.Generic.RDP., is a method for guessing a password or an encryption key that involves systematically trying all possible combinations of characters until a correct one is found. A successful bruteforce attack allows an attacker to obtain valid user credentials.
RDP, or remote desk protocol, is Microsoft’s proprietary protocol that enables a user to connect to another computer through a network of computers running Windows.
RDP is widely used by both system administrators and less-technical users to control servers and other PCs remotely, but this tool is also what intruders employ to try to penetrate the target computer that usually houses important corporate resources.
When devices are outside the company’s local network, away from the protection of the IT department, confidential information will always have a huge potential to be stolen or lost due to carelessness.
“On a daily basis, we are looking at more than 145,000 attempts to break enterprises and SMBs’ passwords and encryptions in SEA. That’s a lot given the current shortage of cybersecurity staff in the region,” comments Adrian Hia, Managing Director for Asia Pacific at Kaspersky.
Indonesia and Malaysia logged double-digit increase. A total of 14,662,615 RDP attacks were aimed at firms in Indonesia last year. This is 25% higher than 11,703,925 bruteforce attacks in 2023. Malaysia witnessed a 14% uptick with 3,198,767 bruteforce attacks in 2024 versus just 2,810,648 in 2023.
“With better Artificial Intelligence (AI) services at play, cybercriminals now have a reliable assistant to guess passwords and break encryptions faster. Once successful, a bruteforce attack allows an attacker to gain remote access to the targeted host computer. Imagine the repercussions of having a spy, or more, inside your computers. Thus, it is urgent for businesses here to really look into their IT posture and recalibrate their cybersecurity capabilities,” adds Hia.
If you use RDP in your work, be sure to take all possible protection measures:
- At the very least, use strong passwords.
- Make RDP available only through a corporate VPN.
- Use Network Level Authentication (NLA).
- If possible, enable two-factor authentication.
- If you don’t use RDP, disable it and close port 3389.
- Use a reliable security solution like Kaspersky Next EDR Optimum.
