Distant Desktop Protocol (RDP) is an incredible know-how developed by Microsoft that allows you to entry and management one other laptop over a community. It is like having your workplace laptop with you wherever you go. For companies, this implies IT workers can handle methods remotely, and staff can work at home or anyplace, making RDP a real game-changer in in the present day’s work atmosphere.
However this is the catch: as a result of RDP is accessible over the web, it is also a first-rate goal for unethical hackers. If somebody positive factors unauthorized entry, they might doubtlessly take over your system. That is why it is so essential to safe RDP correctly.
Why IT Groups Depend upon RDP, Regardless of the Dangers
Greater than 50 p.c of Kaseya’s small and medium-sized companies (SMBs) and Managed Service Suppliers (MSPs) clients use RDP for every day operations as a consequence of its effectivity and suppleness:
- Reduces Prices and Downtime – IT groups can resolve technical points remotely, eliminating journey bills and delays.
- Helps Enterprise Continuity – Staff and directors can securely entry firm methods from any location.
- Allows Scalable IT Administration – MSPs can oversee a number of shopper networks from a single interface.
Regardless of its advantages, RDP’s widespread use makes it a pretty assault vector, requiring fixed vigilance to safe correctly.
New Issues: The Rise of Port 1098 Scans
Sometimes, RDP communicates over port 3389. Nevertheless, latest safety stories – like one from the Shadowserver Basis in December 2024 – have highlighted a worrying pattern. Hackers at the moment are scanning port 1098, another route that many aren’t as conversant in, to seek out susceptible RDP methods.
To place this into perspective, honeypot sensors have noticed as much as 740,000 completely different IP addresses scanning for RDP providers each day, with a major variety of these scans coming from a single nation. Attackers use these scans to find methods which may be misconfigured, weak, or unprotected, after which they’ll attempt to power their manner in by guessing passwords or exploiting different weaknesses.
For companies, particularly SMBs and MSPs, this implies a better threat of significant points like information breaches, ransomware infections, or sudden downtime.
Conserving Up with Safety Patches
Microsoft is conscious of those dangers and repeatedly releases updates to repair safety vulnerabilities. In December 2024, for instance, Microsoft addressed 9 main vulnerabilities associated to Home windows Distant Desktop Companies. These fixes focused a variety of points recognized by safety consultants, making certain that recognized weaknesses could not be simply exploited.
Then, in January’s replace, two further essential vulnerabilities (labeled CVE-2025-21309 and CVE-2025-21297) had been patched. Each of those vulnerabilities, if left unaddressed, may enable attackers to remotely execute dangerous code on a system with out the necessity for passwords.
How Kaseya’s vPenTest Proactively Helps Safe RDP & Extra
RDP uncovered to the web is extra typically a misconfiguration than an meant configuration. Within the final 28,729 exterior community pentests we have now carried out, we had been capable of finding 368 cases of RDP uncovered to the general public web. On inside networks we have now discovered 490 cases of Bluekeep.
For organizations on the lookout for a proactive methodology to guard their exterior and inside networks, instruments like vPenTest are invaluable. vPenTest presents:
- Automated Community Pentesting: The platform will carry out each exterior and inside community pentests. IT Professionals at the moment are capable of carry out the identical assaults as an attacker towards the networks they handle to proactively shield them and check safety controls.
- Multi-Tenant: The platform is objective constructed for the multi-functional IT Group juggling a number of duties. IT Professionals are capable of handle all pentest engagements for a number of corporations inside the platform.
- Detailed Reporting and Dashboard: vPenTest will generate a set of stories together with an Government Abstract and a really detailed Technical Report. The platform additionally has a dashboard for every evaluation so IT Professionals can rapidly assessment findings, suggestions and affected methods.
For the primary time in tech historical past, IT Professionals at the moment are capable of execute an actual community pentest towards the organizations they handle at scale and on a extra frequent foundation.
How Datto EDR Helps Safe RDP
For organizations on the lookout for an additional layer of safety, instruments like Datto Endpoint Detection and Response (EDR) are invaluable. Datto EDR presents:
- Actual-Time Risk Detection: It screens RDP site visitors for uncommon habits—like sudden entry makes an attempt or unusual port utilization—and raises alerts if one thing appears off.
- Automated Responses: When suspicious exercise is detected, the system can robotically block or isolate the risk, stopping potential breaches of their tracks.
- Detailed Reporting: Complete logs and stories assist directors perceive what occurred throughout an incident, to allow them to strengthen their defenses for the longer term.
Which means that with Datto EDR, companies can get pleasure from the advantages of RDP whereas protecting their methods safer from fashionable threats.
Sensible Tricks to Lock Down RDP
Listed below are some easy suggestions to assist safe your RDP setup:
- Well timed Patching: All the time set up updates as quickly as they’re accessible. Distributors ceaselessly launch patches to handle new vulnerabilities.
- Restrict Publicity: Limit RDP entry to trusted personnel solely and contemplate altering the default port (3389) to one thing much less predictable.
- Use Multi-Issue Authentication: Including further steps for verification (like MFA and Community Degree Authentication) makes it a lot tougher for attackers to realize entry.
- Implement Robust Passwords: Be sure that passwords are complicated and meet a minimal size requirement to assist thwart brute-force assaults.
By taking these steps, you possibly can considerably cut back the danger of your RDP providers changing into an entry level for cyberattacks.
RDP Is not Going Away—However Safety Must Enhance
RDP is an important software that has reworked how companies function, enabling distant work and environment friendly system administration. Nevertheless, as with all highly effective software, it comes with its personal set of dangers. With attackers now exploring new avenues like port 1098 and repeatedly discovering methods to use vulnerabilities, it is essential to remain on high of safety updates and finest practices.
By protecting your methods patched, limiting entry, utilizing multi-factor authentication, and using superior safety options like Datto EDR, you possibly can benefit from the flexibility of RDP with out compromising your group’s safety.
Keep protected and keep up to date!
