Hackers are having one hell of a year.
They’re finding more vulnerable points to attack digital enterprises. Even as people implement two-factor authentication to get into their personal accounts, hackers are still managing to access email inboxes, servers, and high-privilege accounts.
But there’s one “classic” entry point that hackers are continuing to exploit: Remote desktop protocol credentials.
The Weakness in RDP Credentials
Remote desktop protocol (RDP) credentials are the information that allows a user to access a computer remotely. They’re often used for technical support – you may have first experienced RDP during a phone call to troubleshoot a computer problem – or for remote employees. But like most well-intentioned technology, RDP can easily be co-opted for nefarious purposes.
Here’s how it would work. If your computer is waiting for an RDP connection, a remote user can probe it to check whether it’s alive. If your computer is up and answers, it will present a login screen to the would-be hacker. Given the prevalence of poor password management practices, you can imagine how easily most hackers can guess the correct password.
Once that’s happened, they can wreak havoc on your system by running malware or using your computer as a bot for a coordinated attack. Hackers may also attempt to encrypt your information and demand a ransom to decrypt it.
Of course, they can also use RDP in more subtle ways. For example, they can sneak around your computer unseen, which means that any sensitive information or files are there for them to access. Later, they may be inclined to sell that information on the black market. The imaginative hacker can use poorly secured RDP as the means to just about any end.
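The password guessing described above leaves a recognizable trail: a burst of failed remote logons from one address, sometimes followed by a success. The Python sketch below is an added example, not part of the original article; the CSV layout, the sample events, the thresholds and the function name are all assumptions made for illustration.

```python
import csv
from collections import defaultdict, deque
from datetime import datetime, timedelta
from io import StringIO

# Constructed sample, not real data: a simplified CSV export of Windows
# Security events (timestamp, event_id, logon_type, source_ip, account).
SAMPLE = """\
2018-01-10T03:00:01,4625,3,203.0.113.7,administrator
2018-01-10T03:00:09,4625,3,203.0.113.7,admin
2018-01-10T03:00:17,4625,3,203.0.113.7,administrator
2018-01-10T03:00:25,4625,3,203.0.113.7,support
2018-01-10T03:00:33,4625,3,203.0.113.7,administrator
2018-01-10T03:00:41,4625,3,203.0.113.7,administrator
2018-01-10T03:00:50,4624,10,203.0.113.7,administrator
2018-01-10T09:12:00,4625,10,198.51.100.20,jsmith
2018-01-10T09:12:20,4625,10,198.51.100.20,jsmith
2018-01-10T09:12:41,4624,10,198.51.100.20,jsmith
2018-01-10T09:30:00,4625,2,-,jsmith
"""

FAILED, SUCCESS = "4625", "4624"  # Windows failed / successful logon events
# Logon type 10 is RemoteInteractive (RDP). With Network Level Authentication,
# failed RDP logons are typically recorded as type 3 (Network), so count both.
REMOTE_TYPES = {"3", "10"}

def detect_rdp_guessing(text, threshold=5, window=timedelta(minutes=2)):
    """Flag source IPs with >= threshold failed remote logons inside window,
    and list accounts that logged on from that IP after it was flagged."""
    recent = defaultdict(deque)  # source_ip -> failure times still in window
    alerts = {}
    for row in csv.reader(StringIO(text)):
        if len(row) != 5 or row[2] not in REMOTE_TYPES:
            continue  # skip malformed rows and local (non-remote) logons
        ts, event_id, _, ip, account = row
        when = datetime.fromisoformat(ts)
        if event_id == FAILED:
            q = recent[ip]
            q.append(when)
            while when - q[0] > window:  # drop failures older than window
                q.popleft()
            if len(q) >= threshold:
                hit = alerts.setdefault(ip, {"peak_failures": 0, "success_after": []})
                hit["peak_failures"] = max(hit["peak_failures"], len(q))
        elif event_id == SUCCESS and ip in alerts:
            # A logon right after a guessing burst suggests a password was found.
            alerts[ip]["success_after"].append(account)
    return alerts
```

On the sample, only 203.0.113.7 is flagged; the user who mistyped a password twice before logging in is not.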
An Ongoing Problem
How has this gone on for so long? For one thing, some people simply don’t realize that they have RDP on their computers, which in turn means that they don’t know how to turn it off. That, along with generally shoddy password practices among users, makes them relatively low-effort targets that can have rewarding results for different types of hackers.
Moreover, RDP has an enduring usefulness. It’s genuinely helpful for someone in IT to be able to access someone else’s computer to fix a problem, and it allows them to help even if they’re miles away. It’s not RDP that’s the problem; it’s the general population’s disinterest in cybersecurity.
How Biometrics Can Fill That Gap
Biometrics eliminate the need for the weak passwords that people often use for their systems. If RDP required biometric authentication, that would dramatically reduce the chances of an unauthorized party accessing your computer. Additionally, by requiring biometric authentication on both the customer and the support end, it’s much easier to track behavior and hold people accountable if it does turn out that they’re using RDP for something sinister.
Hackers have had a banner year (or rather, banner years). But they’ve been using similar tricks for years and exploiting similar weak points, including RDP. If we take our security seriously, perhaps 2018 will be the year where we successfully fight back.