RPD Attacks In Southeast Asia Increased 149 Percent, Cyber Criminals Target WFH Workers

The number of cyberattacks increased significantly with the implementation of WFH (photo: Kaspersky)

JAKARTA - When the COVID-19 pandemic broke out in 2020, many employees were forced to work from home and this has managed to keep most businesses in Southeast Asia afloat. Unfortunately, the work from home trend has also exposed many companies to RDP attacks, and according to Kaspersky, this is not going away anytime soon.

Kaspersky data shows Remote Desktop Protocol (RDP) attack attempts among Kaspersky users in Southeast Asia rose 149% from 2019 to 2021.

RDP attacks in Southeast Asia in 2019 recorded just over 65 million attacks, but in 2020, when most workers in Southeast Asia are forced to work full time from home, the number skyrockets to more than 214 million attacks.

In 2021, when employees can alternate between working in the office or from home, RDP attack attempts fell by an average of 20% compared to 2020 but the number is still higher than the number of attacks in 2019. Last year, RDP attack attempts in Singapore, even up 6.85% compared to 2020.

What is meant by RDP?

RDP or Remote Desktop Protocol is Microsoft's proprietary protocol that allows users to connect to other computers over a network of computers running Windows.

RDP is widely used by system administrators and casual users to remotely control servers and other PCs, but it is also this tool that cybercriminals exploit to penetrate target computers that usually have critical enterprise resources. Microsoft 365 remains the productivity software of choice for businesses, followed by Google Workspace.

When devices are outside the company's local network, away from the protection of the IT department, there is always a high potential for theft or loss of confidential company information due to carelessness.

In the first wave of lockdowns, computers rushed to workers for WFH were not configured properly. This provides an opening for cybercriminals to carry out attacks, particularly using brute force attack attempts (systematically trying to find the correct username and password) in order to gain remote access to target computers on the network.

“Experiences during the pandemic gave rise to a collective demand around the world to shift to hybrid work systems. Sectors such as finance, information, management and professional services are proven to benefit when working and collaborating remotely,” said Yeo Siang Tiong, General Manager for Southeast Asia, Kaspersky.

Yeo added that the increase in RDP attacks during this period did not only occur in Southeast Asia. Worldwide attack RDP from 2019 to 2021 is up 120%.

"Given that the trend of working from home will continue, we urge companies to take the protection of WFH and hybrid workers seriously to protect their data," he said.