Singapore – Over 23 million brute-force attacks are targeting businesses in Southeast Asia within the first half of 2024, according to cybersecurity firm Kaspersky.
Data from the findings reported that a significant total of 23,491,775 Bruteforce.Generic.RDP were detected and foiled by Kaspersky B2B products installed in companies of various sizes in the region from the period of January to June.
Vietnam, Indonesia, and Thailand also recorded the highest number of RDP attacks for the first half of the year, with more than 8.4 million, 5.7 million, and 4.2 million attacks, respectively.
Meanwhile, Singapore experienced over 1.7 million incidents, the Philippines reported more than 2.2 million, and Malaysia had the lowest number at just above one million.
Remote Desktop Protocol (RDP) is Microsoft’s proprietary protocol, providing a user with a graphical interface to connect to another computer through a network. It is also commonly used by both system administrators and less-technical users to control servers and other PCs remotely.
With these incidents at hand, the company has further advised adequate measures, including using strong and unique passwords, implementing two-factor authentication, not exposing remote desktop/management services to public networks, as well as monitoring access and activity by having visibility over the network to spot any unusual activity.
In addition, Kaspersky recommended setting up a security operation centre using an SIEM, employing the latest threat intelligence information, considering subscribing to a managed service such as Kaspersky MDR, and using solutions intended to help manage cybersecurity even without having an IT administrator on board.
Yeo Siang Tiong, general manager for Southeast Asia at Kaspersky, also said, “Although it is an old method, organisations must not underestimate a brute-force attack. This threat is still relevant for the region because many organisations deploy weak passwords, making it easier for attackers to succeed.”
“In addition to that, the absence of multi-factor authentication (MFA) on RDP connections as well as misconfigured RDP settings would also increase the possibility of successful execution of a brute-force attack,” added Yeo.
He further noted, “Cybercriminals are leveraging artificial intelligence to enhance the capabilities of brute-force attacks by automating the process of generating and testing passwords, making it faster and more efficient. Implications of corporate network breach are far heavier.”
“Organisations can suffer data breaches, or if systems are compromised, they face operation disruptions. These would greatly impact organisations financially as they face costs of business downtime, recovery efforts, and even regulatory fines,” concluded Yeo.
