Kaspersky_Web-bruteforce

In an alarming revelation for the cybersecurity landscape in Southeast Asia (SEA), global cybersecurity company Kaspersky disclosed that over 61 million Bruteforce attacks targeting businesses in the region were blocked last year. Data from January to December 2023 shows a total of 61,374,948 attempts categorized as Bruteforce.Generic.RDP. were detected and prevented by Kaspersky’s B2B solutions across companies of various sizes.

A Bruteforce attack is a method that involves systematically guessing all possible character combinations to identify a password or encryption key. A successful attack grants an intruder valid credentials, allowing unauthorized access to a system. Bruteforce.Generic.RDP.* specifically targets Microsoft’s Remote Desktop Protocol (RDP), which offers users a graphical interface for connecting to another computer through a network. An attacker who succeeds in breaking into an RDP session gains control over the targeted computer.

Vietnam, Indonesia, and Thailand faced the most significant number of attacks, registering over 25.9 million, 11.7 million, and 10.2 million attempts, respectively. Singapore was not spared either, reporting over six million incidents, while the Philippines experienced nearly five million attempts. Malaysia saw the least impact in the region but still encountered almost three million attack attempts.

These figures underscore the persistent and sophisticated efforts of cybercriminals aiming to compromise businesses in SEA. Kaspersky’s B2B cybersecurity solutions played a crucial role in defending companies of all sizes from unauthorized access that could have resulted in data breaches or operational disruptions.

If you use RDP in your work, be sure to take all possible protection measures:

  • At the very least, use strong passwords.
  • Make RDP available only through a corporate VPN.
  • Use Network Level Authentication (NLA).
  • If possible, enable two-factor authentication.
  •  If you don’t use RDP, disable it and close port 3389.
  • Use a reliable security solution like Kaspersky Endpoint Security for Business.

Companies are also encouraged to take a step further when it comes to defending their security perimeters. Kaspersky has an integrated software solution that includes a set of functions for event monitoring and management, Kaspersky Unified Monitoring and Analysis Platform (KUMA).

A unified console for monitoring and analysing information security incidents, KUMA can be used as a log management system and as a full-fledged SIEM system.

Leave a Reply