Microsoft releases guidance for dealing with remote desktop security risks

Remote desktop use is on the rise but so are cyberattacks aimed at vulnerable systems

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Businesses and organisations using Remote Desktop Services (RDS) should take note of new advice fromMicrosoftdetailing how to address security challenges associated with remote systems.

The on-going Covid-19 pandemic has caused businesses around the world to rapidly adopt remote desktop applications so that their employees canwork from home.

Although RDS systems are proving useful in these exceptional circumstances, they also present a security risk.Hackers are taking advantageof their uptake, leading to an unprecedented number of cyberattacks aimed at Microsoft Remote Desktop and other RDS users.

Security challenges

Security challenges

As Microsoftpoints out, research has shown a jump over the past couple of months in the number of systems that can be accessed via the public internet using traditional and well-known “alternative” Remote Desktop Protocol (RDP) ports.

Although commonly used for RDS, these ports have known security issues and shouldn’t be made publicly accessible for RDP without other protections (such as multi-factor authentication) in place.

James Ringold, an enterprise security advisor for the Microsoft Security Solutions Group, points out that cyber criminals can use RDP to establish a foothold on corporate networks, potentially using an insecure remote connection as an opportunity to “install ransomware on systems, or take other malicious actions”.

For IT teams wishing to address remote desktop vulnerabilities, Microsoft lists a few key considerations to take into account. These include the lateral movement which accounts are permitted (this will determine if an attacker can access other file systems after an initial breach) and whether your RDS can be reached via the public internet.

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Further, Microsoft strongly suggests that any RDS-using business carry out security audits and review firewall policies. As part of this, companies should consider scanning the public internet for exposed addresses from their network on default RDP ports like TCP 3389.

7 myths about email security everyone should stop believing

Best Usenet client of 2024

Anker Nebula Mars 3 review: A powerful and truly portable projector