We have already seen that vulnerabilities in Remote Desktop Protocol (RDP) are among the potential dangers of desktop remote-access tools, which are commonly used by IT departments to handle help-desk issues and by administrators to manage virtualized machines.
According to reports from KrebsOnSecurity, a Russian company called "dedicated express" (Dedicatexpress.com) is selling access to private company servers for as little as $4. Cyber criminals have hacked around 17,000 computers worldwide through such insecure applications on servers and are selling them in underground markets, and almost 300,000 compromised systems have passed through this service since its inception in early 2010.
New customers contact the service’s owner via instant message and pay a $20 registration fee via WebMoney, a virtual currency. The price of any hacked server is calculated based on several qualities, including the speed of its processor and the number of processor cores, the machine’s download and upload speeds, and the length of time that the hacked RDP server has been continuously available online.
The report found that a server belonging to Cisco, a Fortune 500 company, was also on sale on the "dedicated express" site. The username and the password for the RDP service were both "Cisco". The machine was a Windows Server 2003 system in San Jose, Calif., being sold for $4.55.
On another note, Dedicatexpress works directly with hackers who earn commissions for selling the RDP machines to the service.
So how can you use remote desktop access safely? Follow these tips:
- Use a strong password.
- Limit users who can log on to the host computer.
- Set the number of password attempts until the user is locked out.
- Allow only certain IP addresses to access the Remote Desktop.
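
One way to apply these tips on a current Windows host, shown as an added example that is not from the original article. It assumes an elevated PowerShell 5.1 session on Windows 8 / Server 2012 or later (the cmdlets do not exist on Server 2003), an English-language firewall group name, and constructed placeholder values for the addresses, group name and thresholds.

```powershell
# Added example: audit and apply the RDP hardening tips listed above.
# Every value in this block is a constructed placeholder; substitute your own.
$AllowedSources   = @('203.0.113.0/24', '198.51.100.10')  # admin networks (documentation ranges)
$AllowedRdpUsers  = @('CORP\helpdesk-admins')             # hypothetical approved principal
$LockoutThreshold = 5                                     # failed attempts before lockout
$MinPasswordLen   = 14                                    # assumed baseline for "strong"
$Apply            = $false                                # $false = dry run (-WhatIf)

# Tip: limit users who can log on to the host.
# Members of Administrators can also use RDP by default, so review that group too.
$unexpected = Get-LocalGroupMember -Group 'Remote Desktop Users' |
    Where-Object { $AllowedRdpUsers -notcontains $_.Name }
foreach ($member in $unexpected) {
    Write-Warning "Unapproved RDP user: $($member.Name)"
    Remove-LocalGroupMember -Group 'Remote Desktop Users' -Member $member.Name `
        -WhatIf:(-not $Apply)
}

# Tips: strong password and lockout after a set number of attempts.
# 'net accounts' edits the local account policy; domain accounts follow
# the domain's policy instead.
if ($Apply) {
    net accounts "/minpwlen:$MinPasswordLen"
    net accounts "/lockoutthreshold:$LockoutThreshold" /lockoutduration:30 /lockoutwindow:30
} else {
    net accounts   # print the current policy for review
}

# Tip: allow only certain IP addresses to reach Remote Desktop.
$rdpRules = Get-NetFirewallRule -DisplayGroup 'Remote Desktop' |
    Where-Object { $_.Direction -eq 'Inbound' }
foreach ($rule in $rdpRules) {
    $current = ($rule | Get-NetFirewallAddressFilter).RemoteAddress
    Write-Output "$($rule.DisplayName): enabled=$($rule.Enabled) remote=$($current -join ',')"
    if ($current -contains 'Any') {
        Write-Warning "$($rule.DisplayName) accepts connections from any address"
    }
    $rule | Set-NetFirewallRule -RemoteAddress $AllowedSources -WhatIf:(-not $Apply)
}
```

With `$Apply` left at `$false` the script only reports what it would change; set it to `$true` after confirming that the allowed addresses include the network you administer the host from.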