Since the world was hit by the COVID-19 outbreak, the number of hacking attacks on various types of services and businesses has been seen increasing, and it seems that with many workers starting to work from home at the time, these hackers are also seen starting to attack these employees ’devices.
Kaspersky Labs recently released a report saying that the number of hacking attacks has increased dramatically by 149 percent from 2019 to 2021. It is also reported that the largest vector for these attacks is done through Remote Desktop Protocol (RDP) functionality.
Remote Desktop is a function built into a computer where users can access computers and data in the office using a virtual private network or VPN (Virtual Private Network).
Typically most employees who work remotely will use this function to access data that should only be accessible from the office, but with the COVID-19 situation in those two years causing people to have to work from home, hackers see this as a opportunity to steal company information.
In 2019, Kaspersky Labs showed a total of 65,651,924 attacks via RDP. This number will increase to 214,054,408 in 2020 as more workers start working from home. It is seen to decrease by 20 per cent in 2021, but this number is still seen to be much higher than the number of attacks in 2019.
For Malaysia, these hacking attacks via Remote Desktop were seen at 7,043,436 in 2019, 21,652,339 in 2020 and 15,167,500 in 2021, in line with what Kaspersky said.
Kaspersky says that one of the main reasons why attacks via this Remote Desktop feature increased dramatically in 2020 in particular is because the functionality was introduced to employees in a hurry, and this resulted in most of the feature’s security configurations not being made correctly.
In addition, employees are also not told to be vigilant about receiving and opening links and files from emails sent by unknown addresses. Typically, once hackers have already gained access to an employee’s computer, it is seen as relatively easy for these hackers to then gain access to office data remotely.
Kaspersky recommends that all software used to access office details should be updated to the latest version, and if possible, enable the two-factor authentication feature to ensure that access to office networks is more secure and manageable.
