Working via a remote desktop is more popular than ever. Unfortunately, that also means that remote desktop connections are a major target for hackers looking to intercept and steal commercially sensitive information.
Generally, remote desktop hacks all operate in a similar way. A malicious user will first compromise a computer on your network, and attempt to connect to your remote desktop system using your standard remote desktop protocol. They will then attempt to elevate their privileges on this network in order to gain administrative power. Even if they are not successful in gaining this level of access, the flood of incoming connections can paralyze your network, and make it impossible for legitimate users to connect.
Table of Contents
This type of attack is particularly common for users using the Windows default Remote Desktop Protocol (RDP), only because this is the most commonly used system. Before implementing a remote desktop system, therefore, you should take a look at a guide to the top remote desktop software, and also make sure that your remote assistance software is hardened against cyberattack.
Beyond these basic steps, there are a few more you can take to improve the security of your remote desktop system.
Use a VPN
Using a Virtual Private Network (VPN) is one of the best ways to stay safe when working remotely. When using a VPN, your machine will first make an encrypted connection to your private network, and only then will it attempt to sign in to your remote desktop system.
Since your private network is encrypted and hosted outside of your server, this tool doesn't require any additional server resources. A VPN will also assign a dedicated IP address to every machine connected to the network, and will only allow trusted IP addresses to connect to the network.
This makes it extremely difficult for hackers to make illegitimate requests from your remote desktop environment. It also ensures that – even if someone gets into your network – they will not be able to read the information that you are sharing across it.
Firewalls are another extremely effective way of reducing the risk associated with remote desktop environments. If you take security seriously, you are likely already using a firewall to protect and monitor your website. If you are not, do that immediately.
A firewall will also protect your remote desktop system. The best firewalls will allow you to configure which IP addresses and which computers can connect to your servers. Using this tool, you can automatically shut out anyone who tries to connect from an untrusted location.
In addition to installing a firewall on the server that handles your remote desktop software, it’s also important to install uptime monitoring services that will be connecting to the remote desktop. Most network and website monitoring tools today have APIs that connect with firewall software, alerting it if one connected machine is compromised and nipping it in the bud so that it doesn’t infect other computers in the network.
Restricting the RDP Port
By default, remote desktop connections are handled by one port: 3389. Restricting access to this port on your server firewall is a good way of limiting the scope for malicious connections. You can restrict access to this port to a specific set of IP addresses so that no-one else can connect to it.
This process is known as 'scoping' the port and is actually really easy to do using the default Windows firewall. Log into your server, go to your firewall settings, and you'll see an option for 'inbound rules'. In that menu, there is another option for 'RDP', where you can specify which IP addresses are allowed to connect to your server in this way.
Implementing this security measure requires, of course, that you know the IP addresses from where your staff will be accessing your remote desktop environment, and that these IPs stay static. The best way of ensuring that is using a VPN (see above), which will automatically assign a dedicated IP address to each machine.
Changing The RDP Port
Going further, you can even change the default RDP port to another one. Because hackers know the default RDP port, most brute-force attacks are designed to target this port. By changing the default port, you can avoid this type of attack.
Changing the default RDP port on your server is a slightly more technical process, but there are plenty of guides on how to do this. It can also be a good solution if your staff are unable to use static IP addresses when working remotely because in that case scoping the port is impossible.
Whilst I'm on the subject, it's also worth noting that this same technique – changing the default ports for particular types of connection – is a relatively easy and effective way of limiting DDoS attacks. Changing the ports for your cloud storage file sharing, for instance, will improve your cloud security, and you can even change the ports you use for VOIP if you want to harden that system as well.
The Bottom Line
Security is as important when using remote desktop software as when using any other connected system. And as remote working is becoming more popular, so attacks on these systems are becoming more popular as well.
Taking the basic steps above to protect your remote desktop environment is a great start to hardening your system against the most common forms of cyberattack. By using a VPN, a firewall, and limiting access to this system, you can significantly reduce the vulnerability of it.
Since remote desktop environments typically give users access to all of the information stored on a particular server, securing them should be one of the top priorities when it comes to network security. The consequences of someone gaining access to your remote desktop system with malicious intent can be severe, so make sure you protect yourself immediately.