The number of cybercrime threats has increased several-fold as millions of people around the world are accustomed to working from home. Brute force attacks against Remote Desktop Protocol or RDP increased by 242% compared to last year, according to Kaspersky researchers. In addition, 1.7 million unique malicious files have been disguised as apps for corporate communications.
According to the report, about 3.3 billion attacks on Remote Desktop Protocol took place between January and November 2020. At the same time last year, Kaspersky detected 996 million of these attacks worldwide.
For India, between January and November 2020, the number of detections in the country reached 36 million. The number of attacks during the same period last year was about 18 million.
Read again: At least 200 victims identified on suspicion of Russian hacking
Employees who work from home for short periods of time have opened up new vulnerabilities that cybercriminals can quickly target, according to researchers.
This is primarily due to the increased volume of corporate traffic, users moving to third-party services to exchange data, and the Wi-Fi network may also be insecure. One of the most popular application-level protocols for accessing Windows workstations is said to be Microsoft’s own protocol, RDP. In addition, remote workers are now available, increasing the number of misconfigured computers.
Read again: Microsoft states that it has found malicious software in its system
According to researchers, these attacks attempted a brute force attack on RDP usernames and passwords (trying to systematically find the right option). And if the hacker succeeds, it will allow remote access to the target computer.
In addition, some cybercriminals could understand that several workers replaced offline communications with online tools. So these were also their targets. According to researchers, 1.66 million unique malicious files spread under the guise of popular messengers and online conferencing applications used for work. When installed, the adware program is loaded, the victim’s device is flooded with unwanted ads, and personal data used by third parties is collected.