Our intelligence team recently discovered compromised RDP (Remote Desktop Protocol) credentials being circulated on the dark web.
Remote Desktop Protocol allows for secure remote access to a device and is often used by IT support staff or consultants to access computers remotely. Remote workers can also use it to log in to computers that are physically located at their office buildings. RDP access is protected by a username and password, and it's important for businesses to ensure that these passwords are difficult to guess, given the access to a company’s network that these devices provide.
It's not uncommon for credentials to be compromised and shared amongst hackers. Our intelligence team sees this regularly. But the alarmingly weak passwords used to protect such important devices stood out in this instance. Given that these credentials allow remote access, one would assume they were strong, with a mix of upper and lowercase characters, numbers, and punctuation, and with no common words or password combinations.
Here are some shocking examples, guessed using brute force, that our team came across, along with some snapshots of how these credentials are distributed on the web.
- Qaz.123
- AA123456
- Task123
- AAAAA.123
And what’s worse? We also saw evidence of this password being circulated: P@ssw0rd!
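The passwords above share a few guessable patterns (keyboard runs, counting digits, a repeated letter, a common word with character substitutions), and the last one even satisfies a typical complexity rule. The following check is an added example, not part of the original article or the vendor's tooling; the word list, keyboard runs, substitution table and 8-character minimum are assumptions chosen for illustration.

```python
import re

# Assumed, deliberately tiny lists for illustration; a real audit would load a
# large list of common and previously breached passwords.
COMMON_WORDS = ("password", "task", "admin", "welcome")
KEYBOARD_RUNS = ("qaz", "wsx", "edc", "qwerty", "asdfgh", "zxcvbn")  # QWERTY assumed
LEET = str.maketrans({"@": "a", "0": "o", "1": "l", "3": "e", "$": "s", "5": "s"})


def composition_ok(pw, min_len=8):
    """Classic complexity rule: length plus upper, lower, digit and symbol."""
    return (len(pw) >= min_len
            and any(c.isupper() for c in pw)
            and any(c.islower() for c in pw)
            and any(c.isdigit() for c in pw)
            and any(not c.isalnum() for c in pw))


def weak_patterns(pw):
    """Return a sorted list of guessable patterns found in pw."""
    found = set()
    lower = pw.lower()
    # Runs of three or more digits that count straight up or down.
    for run in re.findall(r"\d{3,}", pw):
        if run in "01234567890" or run in "09876543210":
            found.add("sequential-digits")
    # Letters that are all the same character, e.g. "AAAAA".
    letters = re.sub(r"[^a-z]", "", lower)
    if len(letters) >= 2 and len(set(letters)) == 1:
        found.add("repeated-letter")
    if any(run in lower for run in KEYBOARD_RUNS):
        found.add("keyboard-run")
    # Undo common character substitutions before the dictionary lookup.
    if any(word in lower.translate(LEET) for word in COMMON_WORDS):
        found.add("common-word")
    return sorted(found)


if __name__ == "__main__":
    # The passwords quoted in the article, plus one constructed strong value.
    for pw in ["Qaz.123", "AA123456", "Task123", "AAAAA.123", "P@ssw0rd!",
               "vT7#mq-Lr2!xWd9"]:
        print(f"{pw:16} complexity_ok={composition_ok(pw)!s:5} {weak_patterns(pw)}")
```

A check like this belongs at password-set time, alongside a minimum length and a lookup against known-breached passwords, since a complexity rule alone accepts P@ssw0rd!.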

Along with sharing the stolen credentials, here’s an image of a user sharing the translation of ‘administrator’ in various languages - to help criminals hack into accounts in different countries.

One of the fundamental cybersecurity practices businesses should implement is creating and utilising strong passwords and 2-step verification. It is alarming to discover that many businesses still neglect to follow these basic security measures.
Small and medium-sized businesses (SMEs) often lack the education and awareness to protect themselves from cyber threats. They may not have the tools or knowledge to monitor their cyber risk or train their employees to prevent cyberattacks.
For individual companies, our risk-management tool, Breach Defence, allows businesses to manage their cyber risk easily through education, dark web monitoring and scans.
For the insurance industry and managed service providers, we can monitor for issues such as the above using our cyber risk monitoring solution, Breach Check.
You can find out more about our solutions by clicking the links above. Or, if you’d like to speak to someone in our sales team, get in touch.
