Veteran cybersecurity experts working on the front lines are left shaking their heads when they have to deal with organizations whose security postures are still wide open to well-known, longtime vulnerabilities.
Here’s an example.
“And I still am baffled by this, that brute-force RDP attacks are still one of the most common attack vectors that are out there. Okay, everyone walking away from this session, if you have open-ended RDP connections on the internet, number one: Stop doing that!”
The speaker is Dave Kawula, managing principal consultant at TriCon Elite Consulting.
The subject is Remote Desktop Protocol (RDP), a proprietary protocol developed by Microsoft that gives a user a graphical interface (GUI) for connecting to another computer over a network connection, according to Wikipedia.
The venue is a recent half-day online summit presentation hosted by Virtualization & Cloud Review, titled “Multi-/Hybrid Cloud Security & Recovery,” now available for replay.
The gist is something like, “Why in the heck are people still leaving themselves exposed to vulnerabilities everybody has known about forever?”
RDP tops that list, being such a popular target for threat actors that it has been dubbed the Ransomware Deployment Protocol. “Remote Desktop Protocol (RDP) is the most popular initial ransomware attack vector and has been for years,” said Palo Alto Networks in a post that itself is now more than a year old.