Computer networks are being aggressively bombarded with billions of password-guessing attacks as cyber criminals attempt to exploit the growth in remote desktop protocol (RDP) and other cloud services in corporate environments.
Cybersecurity researchers at ESET detected 55 billion new attempts at brute-force attacks between May and August 2021 alone -more than double the 27 billion attacks detected between January and April.
Successfully guessing passwords can provide cyber criminals with an easy route into networks and an avenue they can use to launch further attacks, including delivering ransomware or other malware. Once in a network, they'll attempt to use that access to gain additional permissions and manipulate the network, performing actions like turning off security services so they can go about their activities more easily.
SEE: A winning strategy for cybersecurity (ZDNet special report)
One of the most popular targets for brute-force password-guessing attacks are RDP services. The rise in remote working has led to an increase in people needing to use remote-desktop services. Many of these are public-facing services, providing cyber criminals with an opportunity to break into networks -and it's an opportunity they're eager to exploit.
The sheer number of attacks means most will be automated, but if accounts are secured with simple-to-guess or common passwords