Experts of the Russian company DeviceLock, working in the field of cyber security, find out how many personal computers in Russia at the moment can easily become the target of attacks by the remote access Protocol. It turned out that over time the isolation from the beginning of April the number had more than tripled.
according to “Kommersant”, citing data from DeviceLock, at the end of may is vulnerable to unauthorized remote access RDP was 101 000 computers in Russia is 230% more than in the beginning of April. As explained by technical Director and co-founder of DeviceLock Ashot Oganesyan this increase is due to increased number of servers, including publicly accessible from the Internet.
As noted in an interview with the publication Director of the expert center Positive Technologies Alexey Novikov, from scanning the network for vulnerable computers botnets, new goal, when companies rushed to transfer employees to remote work, often in a hurry neglecting information security. He referred to Positive Technologies conducted a survey of experts in infobezopasnosti, which revealed: in the first half of April, 11% of companies were forced to organize remote access from scratch, and 41% urgently scale it, as before, is configured only to some employees.
the easiest way to arrange for such access is to use the RDP Protocol. However, it is also a popular target of hackers who are trying with the help of botnets – large networks of controlled computers to find passwords to user accounts and to connect to poorly secured systems. According to experts, in may the number of such attacks and their duration significantly increased.
As the head of the Department of investigation of cyber incidents JSOC CERT of Rostelecom Igor Zalewski, on average, for access to the system even large companies with a large it Department infobezopasnosti from criminals, it takes about one and a half days. In this processso simple that offer on the “black market” significantly exceeded demand and prices fell an average of one such loophole in the corporate network is on sale for only 300 – 500 roubles. More adventurous hackers can try to earn more, resorting to blackmail – they encrypt valuable information on corporate servers and demand a ransom for its decryption. Not to be held hostage by cybercriminals, companies should regularly back up the data.