A rising threat
Remote Desktop Protocol (RDP) attacks are rising as more organizations work from
home. Brute force RDP attacks from across the globe seek to gain access to an
Internet-connected computer, and then use it to infect other devices and servers on
the network.
This product includes GeoLite2 Data created by MaxMind, available from https://www.maxmind.com/
Every week Malwarebytes Brute Force Protection blocks close to 1 million attacks on RDP connections world-wide.
What is a brute force attack?
In a brute force attack an attacker attempts to gain access to a computer by guessing the username and password of one of its users. Some attacks will try a limited number of usernames and passwords on as many computers as possible, while others will try tens of thousands of usernames and passwords on a single computer. Attacks are automated and relentless, and can start within hours of a computer being connected to the Internet.
What can cybercriminals do using brute force attacks?
Hijack devices. Attackers operating ransomware such as Egregor and REvil use exposed RDP connections to access a vulnerable device.
Infiltrate your network. Once attackers have a foothold on one endpoint, they can use it to gather information, map your network, and then attack it from the inside.
Hold your company hostage. Attackers take full control of your company’s network and hold it, and your data, hostage.
How to secure remote desktop access for your organization?
Malwarebytes’ Brute Force Protection blocks brute force RDP attacks on Windows workstations and servers by blocking IP addresses that exceed a threshold of invalid login attempts.
Benefits of Malwarebytes Brute Force Protection
Brute force attack prevention
Block IP addresses that exceed a threshold of invalid login attempts.
Instant alerts
Get notified the moment an attack occurs.
Set-and-forget defense
Fully automated, around-the-clock RDP security.
Cloud-based control
Manage configurations on the Nebula platform.
Flexible protection
Control how you react to attacks via multiple modes such as ‘Monitor and Detect’ or ‘Block.’
Servers and workstations
Protect both servers and workstations from brute force attacks.