Over 6 million RDP brute force attacks recorded in 2023
Brute force attacks involve systematically guessing passwords until the correct one is found.
Singapore registered a total of 6,059,867 brute force attacks on its Remote Desktop Protocol (RDP) systems in 2023, according to Kaspersky's data.
The report also showed that a total of 61,374,948 brute force attacks targeted businesses in Southeast Asia last year.
Brute force attacks involve systematically guessing passwords until the correct one is found, granting unauthorised access to sensitive systems and data.
Vietnam, Indonesia, and Thailand faced the highest number of RDP attacks, with the Philippines and Malaysia also experiencing substantial incidents.
“Bruteforce attack is not a threat companies should ignore. The use of third-party services for data exchange, employees working on home computers, and potentially insecure Wi-Fi networks, and the use of remote-access tools like RDP remain to be a headache for corporate infosec teams,” said Adrian Hia, managing director for Asia Pacific at Kaspersky.
He also warned of the potential use of artificial intelligence by threat actors to expedite the breach of corporate login credentials.
“Businesses here should beef up their endpoint and network security posture to defend themselves against smarter AI-based Bruteforce attacks,” Hia added.
To mitigate the risk associated with RDP usage, Kaspersky recommends employing strong passwords, restricting RDP access through corporate VPNs, implementing Network Level Authentication (NLA), enabling two-factor authentication, and disabling unused RDP ports (specifically port 3389).
Additionally, businesses are urged to adopt proactive defense strategies to enhance security perimeters and incident response capabilities.