Guide to Securing Remote Desktop Protocol

The Center for Internet Security (CIS) has just published the report Exploited Protocols, Remote Desktop Protocol (RDP), which is intended to provide an overview of what RDP is, the attacks associated with this protocol, and how an organization can best protect itself against an RDP-based attack. The information provided in this report is very timely given the increased usage of RDPs as organizations stood up remote environments for employees to utilize when the COVID-19 pandemic struck. In fact, RDP usage has jumped an estimated 41 percent since then according to the report, greatly increasing an attack surface that was already a target for adversaries. For additional context, the report notes that RDP is top vector for ransomware attacks, which have been combined with banking Trojans like Emotet, TrickBot, and others to harvest credentials, spread throughout a network, scrape email addresses, to send phishing emails, and download additional malware. The report emphasizes that while RDP Is not in and of itself dangerous, it must be secured to prevent easy exploitation by attackers. Access the report at CIS.