Firms and businesses using Remote Desktop Services (RDS) should take note of new information from Microsoft detailing the way to handle security challenges associated with remote systems.

The continuing Covid-19 pandemic has caused businesses around the globe to rapidly adopt remote desktop software so that their workers can work at home.

They pose a security threat Though RDS systems are proving useful in such unique circumstances. Hackers are taking advantage of the uptake, leading to an unprecedented variety of cyberattacks aimed at Microsoft Remote Desktop and other RDS users.

Security challenges: Remote Desktop Services (RDS)

As Microsoft points out, studies have proven a leap within the past couple of months at the number of systems which can be accessed via the public internet using conventional and well-known”alternative” Remote Desktop Protocol (RDP) interfaces.

Although commonly used for RDS, these ports have known safety issues and should not be made publicly available for RDP without other protections (such as multi-factor authentication) in place.

Desktop Security Risks

James Ringold, an enterprise security advisor for the Microsoft Security Solutions Group, points out that cybercriminals can use RDP to establish a foothold on business networks, potentially utilizing an insecure remote connection as an opportunity to”install ransomware on programs, or take other malicious actions”.

Microsoft lists a couple of factors to take into account for IT teams wishing to address desktop vulnerabilities. These include the lateral motion which balances are permitted (this will ascertain if an attacker can get other file systems following a first breach) and whether your RDS could be reached via the public network.

Further, Microsoft strongly suggests that any RDS-using business execute safety audits and examine firewall policies. As part of this, companies should think about scanning the people net for addresses out of their network on default RDP ports like TCP 3389.