{"id":5113,"date":"2020-07-23T00:02:44","date_gmt":"2020-07-22T23:02:44","guid":{"rendered":"https:\/\/www.n-able.com\/?p=5113"},"modified":"2021-04-01T00:06:22","modified_gmt":"2021-03-31T23:06:22","slug":"security-risks-of-remote-desktop-access","status":"publish","type":"post","link":"https:\/\/www.n-able.com\/de\/blog\/security-risks-of-remote-desktop-access","title":{"rendered":"Security Risks of Remote Desktop Access and How to Prevent Them"},"content":{"rendered":"

Many IT services providers use a remote desktop support solution to help manage their customers‘ computers. Remote support connections are often done via the remote desktop protocol (RDP). However, security experts warn that RDP leaves a listening port open on the target machine, which would-be attackers could exploit. The truth is RDP vulnerabilities aren\u2019t the only things you need to be concerned about. Weak password protection on the remote connection can make it easy for cybercriminals to break into the session and gain access to everything on a user\u2019s computer. What\u2019s more, sometimes human error leaves the door wide open for the bad guys to get in.<\/p>\n

If you\u2019re serious about your customers\u2019 cybersecurity\u2014and you absolutely should be if you want to keep their business\u2014then you need to find a remote support solution that takes security just as seriously.<\/p>\n

What type of attack is RDP vulnerable to?<\/b><\/h3>\n

Let\u2019s look at some of the different types of cyberattacks a cybercriminal can execute via a remote access vector using RDP.\u00a0<\/b>The\u00a0proprietary protocol developed by Microsoft<\/a>\u00a0provides access to a client from a server via encrypted TCP traffic. Poorly secured RDP gives hackers a potential entry point into enterprise networks.\u00a0Hackers are well aware of the extensive use of RDP within organizations and target it as a method to proliferate their attacks.<\/p>\n

MAN-IN-THE-MIDDLE ATTACKS<\/h4>\n

RDP sessions are susceptible\u00a0to man-in-the middle attacks where the hacker intercepts all communications sent between a client and a terminal server using Address Resolution Protocol (ARP) spoofing or Domain Name System (DNS) spoofing. They can use this to spread ransomware or implant arbitrary executables within organizations.<\/p>\n

CREDENTIAL HARVESTING<\/h4>\n

RDP sessions are also prone to in-memory credential harvesting. Capturing and selling RDP credentials on the Dark Web<\/a> has been lucrative for a lot of hackers. xDedic was a notorious online marketplace where cybercriminals would buy and sell access to hacked servers, as was revealed in\u00a0a Kaspersky report published in June 2016<\/a>. The report warned that 250,000 credentials for RDP servers around the world appeared to be for sale for as little as $6 each. The site went underground and continued to operate until 2019 when it was shut down in a joint effort by the FBI and several European countries authorities.<\/p>\n

DENIAL OF SERVICE<\/h4>\n

Hackers can also use a brute-force attack to gain access to RDP credentials. During an attack, a malicious actor will scan a range of IP addresses, look for open ports used by RDP, and use a brute-force method, such as a dictionary attack, to attempt to determine the password. This brute-force attack may serve as a denial of service (DoS) against the operating system\u2019s memory or storage, disrupting its normal function, and preventing other users from accessing it.<\/p>\n

What else could go wrong?<\/b><\/h3>\n

Even if you\u2019re not using an RDP-based\u00a0remote desktop solution<\/a>, as with any piece of software, bugs or insider threats may arise sooner or later.\u00a0Some are malicious, some are accidental, but either way they can do serious damage.<\/p>\n

PERMISSIONS VULNERABILITIES<\/h4>\n

A researcher at\u00a0SafeBreach in 2019<\/a>\u00a0discovered a critical security exploit in the TeamViewer admin permissions. Cybercriminals could have used it to load and execute malicious payloads in a persistent way, each time the service loaded.<\/p>\n

WEAK PASSWORD PROTECTION<\/h4>\n

In the absence of a multifactor authentication mechanism, a hacker is free to guess a user’s password. If passwords are weak or reused\u2014by technicians or employees\u2014across several accounts, the breach becomes easier for a motivated hacker with access to compromised credentials from past data breaches.<\/p>\n

SOCIAL ENGINEERING VIA REMOTE ACCESS<\/h4>\n

It can still be easy to fall for scams in this day and age. In a recent\u00a0Reddit thread<\/a>, a user detailed how someone allegedly from China asked him to remotely use his computer in exchange for payment, probably looking for a fall guy to scam others. In this case, the attack vector would have been used with the computer owner\u2019s consent, exploiting his weakness at the prospect of making easy money.<\/p>\n

Choosing the right remote desktop access tool<\/b><\/h3>\n

As businesses increasingly expect their services providers to keep them secure, it\u2019s important to make sure the tools you use are up to the challenge.<\/p>\n

The integration between SolarWinds\u00ae<\/sup>\u00a0Take Control and Passportal is designed to sidestep the vulnerabilities mentioned above and help you remain secure in harsh environments.<\/p>\n

Secure Access<\/b>: Take Control uses advanced encryption protocols and a separate viewer and agent for remote connections. Instead of a direct connection between two machines, this routes traffic through an intermediary that\u2019s much harder for hackers to penetrate.<\/p>\n

Control user permissions<\/b>:\u00a0Take Control applies the principle of least privilege, by allowing assigned techs to have access to specific accounts only, mitigating the risk of insider attacks.<\/p>\n

Protect logins<\/b>: Any solution worth its salt must include two-factor authentication (2FA). Take Control offers authentication apps for 2FA including Google Authenticator, Duo Mobile, Authy, and Microsoft Authenticator. These apps increase security by preventing SMS message interception from cybercriminals or from those who gain access to email accounts.<\/p>\n

Secure password protection<\/b><\/a>: Take Control includes Passportal, an integrated password manager that injects credentials into a system without the technician ever seeing them. The integration between Take Control and Passportal helps save technicians\u2019 time, gain efficiency in the remote connection process, and increase security. To learn more about this integration, download our\u00a0feature sheet<\/a>.<\/p>\n

Start a free trial<\/b><\/a>\u00a0of SolarWinds Take Control Plus today.<\/b><\/p>\n

 <\/p>\n

Marilena Levy is product marketing manager, SolarWinds MSP<\/b><\/p>\n","protected":false},"excerpt":{"rendered":"

Read about the most common vulnerabilities of remote connections and how to bypass them with the integrated remote desktop access and password management solution.<\/p>\n","protected":false},"author":33,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"class_list":["post-5113","post","type-post","status-publish","format-standard","hentry","topic-remote-management"],"acf":[],"yoast_head":"\nSecurity Risks of Remote Desktop Access and How to Prevent Them - N-able<\/title>\n<meta name=\"description\" content=\"Read about the most common vulnerabilities of remote connections and how to bypass them with the integrated remote desktop access and password management solution.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.n-able.com\/de\/blog\/security-risks-of-remote-desktop-access\" \/>\n<meta property=\"og:locale\" content=\"de_DE\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Security Risks of Remote Desktop Access and How to Prevent Them - N-able\" \/>\n<meta property=\"og:description\" content=\"Read about the most common vulnerabilities of remote connections and how to bypass them with the integrated remote desktop access and password management solution.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.n-able.com\/de\/blog\/security-risks-of-remote-desktop-access\" \/>\n<meta property=\"og:site_name\" content=\"N-able\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/NableMSP\" \/>\n<meta property=\"article:published_time\" content=\"2020-07-22T23:02:44+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-03-31T23:06:22+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/03\/share-image.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Marilena Levy\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@Nable\" \/>\n<meta name=\"twitter:site\" content=\"@Nable\" \/>\n<meta name=\"twitter:label1\" content=\"Verfasst von\" \/>\n\t<meta name=\"twitter:data1\" content=\"Marilena Levy\" \/>\n\t<meta name=\"twitter:label2\" content=\"Gesch\u00e4tzte Lesezeit\" \/>\n\t<meta name=\"twitter:data2\" content=\"4\u00a0Minuten\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/security-risks-of-remote-desktop-access#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/security-risks-of-remote-desktop-access\"},\"author\":{\"name\":\"Marilena Levy\",\"@id\":\"https:\/\/www.n-able.com\/de#\/schema\/person\/e5bb99739c95542324b6df808016900f\"},\"headline\":\"Security Risks of Remote Desktop Access and How to Prevent Them\",\"datePublished\":\"2020-07-23T00:02:44+01:00\",\"dateModified\":\"2021-03-31T23:06:22+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/security-risks-of-remote-desktop-access\"},\"wordCount\":926,\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/de#organization\"},\"articleSection\":[\"Remote Management\"],\"inLanguage\":\"de\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/security-risks-of-remote-desktop-access\",\"url\":\"https:\/\/www.n-able.com\/de\/blog\/security-risks-of-remote-desktop-access\",\"name\":\"Security Risks of Remote Desktop Access and How to Prevent Them - N-able\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/de#website\"},\"datePublished\":\"2020-07-23T00:02:44+01:00\",\"dateModified\":\"2021-03-31T23:06:22+00:00\",\"description\":\"Read about the most common vulnerabilities of remote connections and how to bypass them with the integrated remote desktop access and password management solution.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/security-risks-of-remote-desktop-access#breadcrumb\"},\"inLanguage\":\"de\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.n-able.com\/de\/blog\/security-risks-of-remote-desktop-access\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/security-risks-of-remote-desktop-access#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Remote Management\",\"item\":\"https:\/\/www.n-able.com\/de\/blog\/category\/remote-management\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security Risks of Remote Desktop Access and How to Prevent Them\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.n-able.com\/de#website\",\"url\":\"https:\/\/www.n-able.com\/de\",\"name\":\"N-able\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/de#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.n-able.com\/de?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"de\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.n-able.com\/de#organization\",\"name\":\"N-able\",\"url\":\"https:\/\/www.n-able.com\/de\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"de\",\"@id\":\"https:\/\/www.n-able.com\/de#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"contentUrl\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"width\":\"1024\",\"height\":\"1024\",\"caption\":\"N-able\"},\"image\":{\"@id\":\"https:\/\/www.n-able.com\/de#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/NableMSP\",\"https:\/\/x.com\/Nable\",\"https:\/\/www.linkedin.com\/company\/n-able\",\"https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.n-able.com\/de#\/schema\/person\/e5bb99739c95542324b6df808016900f\",\"name\":\"Marilena Levy\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"de\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/90cda488bb5d5e472432bac98e6c8ac40fae099fcdbd36299ce8c1ce723f64a8?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/90cda488bb5d5e472432bac98e6c8ac40fae099fcdbd36299ce8c1ce723f64a8?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/90cda488bb5d5e472432bac98e6c8ac40fae099fcdbd36299ce8c1ce723f64a8?s=96&d=mm&r=g\",\"caption\":\"Marilena Levy\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Security Risks of Remote Desktop Access and How to Prevent Them - N-able","description":"Read about the most common vulnerabilities of remote connections and how to bypass them with the integrated remote desktop access and password management solution.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.n-able.com\/de\/blog\/security-risks-of-remote-desktop-access","og_locale":"de_DE","og_type":"article","og_title":"Security Risks of Remote Desktop Access and How to Prevent Them - N-able","og_description":"Read about the most common vulnerabilities of remote connections and how to bypass them with the integrated remote desktop access and password management solution.","og_url":"https:\/\/www.n-able.com\/de\/blog\/security-risks-of-remote-desktop-access","og_site_name":"N-able","article_publisher":"https:\/\/www.facebook.com\/NableMSP","article_published_time":"2020-07-22T23:02:44+00:00","article_modified_time":"2021-03-31T23:06:22+00:00","og_image":[{"width":1200,"height":630,"url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/03\/share-image.jpg","type":"image\/jpeg"}],"author":"Marilena Levy","twitter_card":"summary_large_image","twitter_creator":"@Nable","twitter_site":"@Nable","twitter_misc":{"Verfasst von":"Marilena Levy","Gesch\u00e4tzte Lesezeit":"4\u00a0Minuten"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.n-able.com\/de\/blog\/security-risks-of-remote-desktop-access#article","isPartOf":{"@id":"https:\/\/www.n-able.com\/de\/blog\/security-risks-of-remote-desktop-access"},"author":{"name":"Marilena Levy","@id":"https:\/\/www.n-able.com\/de#\/schema\/person\/e5bb99739c95542324b6df808016900f"},"headline":"Security Risks of Remote Desktop Access and How to Prevent Them","datePublished":"2020-07-23T00:02:44+01:00","dateModified":"2021-03-31T23:06:22+00:00","mainEntityOfPage":{"@id":"https:\/\/www.n-able.com\/de\/blog\/security-risks-of-remote-desktop-access"},"wordCount":926,"publisher":{"@id":"https:\/\/www.n-able.com\/de#organization"},"articleSection":["Remote Management"],"inLanguage":"de"},{"@type":"WebPage","@id":"https:\/\/www.n-able.com\/de\/blog\/security-risks-of-remote-desktop-access","url":"https:\/\/www.n-able.com\/de\/blog\/security-risks-of-remote-desktop-access","name":"Security Risks of Remote Desktop Access and How to Prevent Them - N-able","isPartOf":{"@id":"https:\/\/www.n-able.com\/de#website"},"datePublished":"2020-07-23T00:02:44+01:00","dateModified":"2021-03-31T23:06:22+00:00","description":"Read about the most common vulnerabilities of remote connections and how to bypass them with the integrated remote desktop access and password management solution.","breadcrumb":{"@id":"https:\/\/www.n-able.com\/de\/blog\/security-risks-of-remote-desktop-access#breadcrumb"},"inLanguage":"de","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.n-able.com\/de\/blog\/security-risks-of-remote-desktop-access"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.n-able.com\/de\/blog\/security-risks-of-remote-desktop-access#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Remote Management","item":"https:\/\/www.n-able.com\/de\/blog\/category\/remote-management"},{"@type":"ListItem","position":2,"name":"Security Risks of Remote Desktop Access and How to Prevent Them"}]},{"@type":"WebSite","@id":"https:\/\/www.n-able.com\/de#website","url":"https:\/\/www.n-able.com\/de","name":"N-able","description":"","publisher":{"@id":"https:\/\/www.n-able.com\/de#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.n-able.com\/de?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"de"},{"@type":"Organization","@id":"https:\/\/www.n-able.com\/de#organization","name":"N-able","url":"https:\/\/www.n-able.com\/de","logo":{"@type":"ImageObject","inLanguage":"de","@id":"https:\/\/www.n-able.com\/de#\/schema\/logo\/image\/","url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","contentUrl":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","width":"1024","height":"1024","caption":"N-able"},"image":{"@id":"https:\/\/www.n-able.com\/de#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/NableMSP","https:\/\/x.com\/Nable","https:\/\/www.linkedin.com\/company\/n-able","https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw"]},{"@type":"Person","@id":"https:\/\/www.n-able.com\/de#\/schema\/person\/e5bb99739c95542324b6df808016900f","name":"Marilena Levy","image":{"@type":"ImageObject","inLanguage":"de","@id":"https:\/\/secure.gravatar.com\/avatar\/90cda488bb5d5e472432bac98e6c8ac40fae099fcdbd36299ce8c1ce723f64a8?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/90cda488bb5d5e472432bac98e6c8ac40fae099fcdbd36299ce8c1ce723f64a8?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/90cda488bb5d5e472432bac98e6c8ac40fae099fcdbd36299ce8c1ce723f64a8?s=96&d=mm&r=g","caption":"Marilena Levy"}}]}},"_links":{"self":[{"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/posts\/5113","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/users\/33"}],"replies":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/comments?post=5113"}],"version-history":[{"count":0,"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/posts\/5113\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/media?parent=5113"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}