Remote working is risky: How to fend off potential cyber attacks

RDP attacks allow cybercriminals to also record keystrokes and steal sensitive information

With people working at home, new cyber risks have emerged.

Cybersecurity firm Kaspersky recently warned that attacks on remote desktop protocol (RDP) have increased.   

RDP is a protocol built into the Windows operating system. When it is enabled, it allows the user to take control of another computer or hand over control of his/her computer to someone else.  

When your laptop develops a glitch, a representative from the manufacturer may have asked for access to your computer.

The procedure is as follows: He would have asked you to type ‘remote desktop’ in the search path. The RDP option opens. You get a code, which you then read out to the other person. Thereafter, he is able to view your screen, move your cursor with his mouse, and so on.  

How information gets stolen

Every Windows computer has RDP. Be aware of this and do not engage in behaviour that exposes you to risks.

Do not, for instance, fall prey to voice phishing. A stranger could call and say: “I am from your company’s information technology team. Your computer has been attacked by a virus. I need to log in and fix it.”

Do not give access via RDP without checking the caller’s credentials.

“Once you give him control, he could take steps that allow him access and control over your computer even in the future,” says Udbhav Tiwari, public policy advisor, Mozilla.

Virus and malware can be used to exploit RDP-related vulnerabilities. A victim could get an email with an attachment or a text message with a link.

“Once the victim clicks on these bait links, vulnerability is exploited and a code gets injected that grants full control of the computer to the attacker,” says Prashant Mali, president and founder, Cyber Law Consulting.

The computer gets infected by malware that allows outsiders to take control of it via RDP.

Cybercriminals can use RDP to view your screen and steal vital information, like passwords being typed on websites.

Malware installed on your computer can record keystrokes. The cybercriminal will thus, be able to record user names, passwords, credit card details, etc that you type.  

Companies, too, can be duped

Suppose a cybercriminal gets access to the computer of a person who works in a company’s accounting department. The criminal will be able to see the invoices being generated, the amounts billed, the purpose for which billing was done, the vendor’s credentials, etc. He can then use this information to send a false invoice to the company. The invoice will seem legitimate because it will have all the details of one of its regular vendors and will get approved.

The only twist will lie in the fact that the bank account will be that of the cybercriminal’s and the money will be transferred to the wrong account.

“This sort of crime is quite uncommon,” says Tiwari.  

How to safeguard yourself

Do not click on emails and text messages from unknown sources, nor give access to your computer without verifying the caller’s credentials.

Install a good antivirus and upgrade your operating system regularly.

“Use supported new routers and not old, unpatched ones. Set up strong passwords for your router and WiFi network,” says Mali.

He also suggests working on laptops and cellphones provided by the employer as putting corporate information on personal devices can lead to potential security and legal issues of data theft.

Finally, if you don't use RDP, disable it.