Using the Remote Desktop Protocol (RDP) to access systems and infect entire networks with ransomware from there is the main attack vector for ransomware groups, according to the UK’s National Cyber Security Centre (NCSC). The British government agency has asked start-ups in the country to come up with solutions for ransomware attacks via RDP.
According to the NCSC, Ransomware is the biggest threat to SMEs and larger businesses. One of the biggest targets for cybercriminals is systems that can be accessed remotely.
“So we are looking for solutions and new approaches that can mitigate the risks associated with tools like RDP,” the government agency said.
For example, solutions are being sought to detect exposed endpoints and insecure configurations, as well as alternatives to existing remote access tools. The NCSC is also looking for startups that can add two-factor authentication to RDP, detect and block brute force attacks against RDP, and prevent the use of weak RDP passwords. Earlier, the NCSC asked start-ups for solutions to infected ads.