According to cybersecurity company Kaspersky, they detected and prevented more than 53 million Brute force attacks in the region during 2024.
BruteForce.Generic.RDP is an attack method by testing any possible character combination to find the correct password or encrypt it. If this process is successful, cybercriminals can steal the valid login information of users, thereby easily breaking into the system.
RDP (Remote Desktop Protocol - remote computer control software) is an exclusive protocol of Microsoft that allows users to connect to another computer via internal networks or the Internet.
RDP is commonly used by system administrators and non-professional users to remotely control servers or computers. However, this is also the point that hackers often take advantage of to break into devices containing important business resources.
The risk of leakage or loss of confidential data due to negligence will always be present when the working device is disconnected from the internal network and is no longer under the direct protection of the IT department.
Every day, Kaspersky detects an average of more than 145,000 attacks targeting businesses in Southeast Asia, said Adrian Hia, Executive Director of Asia-Pacific at Kaspersky. This number is especially worrying as this area is experiencing a serious shortage of cybersecurity human resources.
The number of attacks in 2024 in Indonesia and Malaysia both increased sharply, with the rate increasing at double digits. A total of 14,662,615 RDP attacks targeted enterprises in Indonesia in 2024, up 25% from 11,703,925 in 2023.
In Malaysia, the number of Brute force attacks also increased by 14%, from 2,810,648 in 2023 to 3,198,767 in 2024.
In Vietnam, cybersecurity experts recorded more than 19.8 million Brute force attacks in 2024.
Mr. Hia emphasized: cybercriminals are taking advantage of artificial intelligence (AI) tools to significantly speed up the speed of password breaking and decryption. Once successful, attackers can remotely access the target computer system.
Try to imagine the consequences if there is a digital agent operating silently within the business. Therefore, businesses in Southeast Asia need to seriously review existing information technology security capabilities and soon upgrade cybersecurity defense capabilities.
According to cybersecurity experts, to protect safety and avoid breaking passwords, when using RDP, businesses need to:
- Use strong passwords for personal and company accounts
- Only access RDP via the company's internal VPN network
- Activate Network Level Authentication - NLA (authentication mechanism is implemented before the RDP connection session is started)
- Always activate 2-factor authentication (2FA) to improve and maintain security
- disable the RDP feature and close port 3389 when not needed.
- Apply a reliable security solution such as Next EDR Optimum to detect and respond to cyber threats early.
