HCM CITY — Việt Nam suffered over 8.4 million Remote Desktop Protocol attacks in the first six months of 2024, the highest number in Southeast Asia, according to global cybersecurity company Kaspersky.

Remote Desktop Protocol (RDP) is Microsoft’s proprietary protocol, providing a user with a graphical interface to connect to another computer through a network. RDP is widely used by both system administrators and less-technical users to control servers and other personal computers remotely.

A total of more than 23.49 million Bruteforce.Generic.RDP were detected and foiled by Kaspersky B2B products installed in companies of various sizes in the region in the first half of the year.

A bruteforce attack is a method employed by cybercriminals to guess login info, encryption keys, or find a hidden web page by systematically attempting all possible character combinations until they find the correct one. Successful bruteforce attacks allow attackers to obtain personal data and valuable information, plant and spread malware, and even hijack the system for malicious activities.

A Bruteforce.Generic.RDP attack attempts to find a valid RDP login/password pair by systematically checking all possible passwords until a correct one is found. When successful, it allows an attacker to gain remote access to the targeted host computer.

Việt Nam, Indonesia, and Thailand registered the highest number of RDP attacks for the first half of the year, with over 8.4 million, 5.7 million and 4.2 million attacks, respectively. Meanwhile, Singapore had more than 1.7 million incidents, the Philippines over 2.2 million, and Malaysia the lowest number of just over 1 million bruteforce attacks.

“Although it is an old method, organisations must not underestimate a bruteforce attack. This threat is still relevant for the region because many organisations deploy weak passwords making it easier for attackers to succeed.

"In addition to that, the absence of multi-factor authentication (MFA) on RDP connections as well as misconfigured RDP settings would also increase the possibility of successful execution of a bruteforce attack,” said Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.

“Cybercriminals are leveraging artificial intelligence to enhance the capabilities of bruteforce attacks by automating the process of generating and testing passwords, making it faster and more efficient. Implications of corporate network breaches are far heavier.

"Organisations can suffer data breaches, or if systems are compromised they face operation disruptions. These would greatly impact organisations financially as they face costs of business downtime, recovery efforts and even regulatory fines,” he added.

To protect their organisations, experts at Kaspersky suggested businesses take adequate measures such as using strong and unique passwords, implementing two-factor authentication, and not exposing remote desktop/management services to public networks unless absolutely necessary. — VNS