We often use the Remote Desktop Protocol (RDP) in Windows to gain access to systems thousands of miles away as if they were right in front of us. A lot of people with remote servers – including people who travel for work and want access to their primary “home base” computers – enjoy the convenience that this application provides.
Despite its rich, quick and easy interface, it’s probably not the best idea to use it except under exceptional circumstances. It’s dangerous enough to use your own computer on the Internet, but remotely connecting to another one adds more to the laundry list of possible things that could go wrong.
Human Error Causes Serious Problems
If you’re using RDP on a computer connected through Ethernet to its router, you probably won’t immediately encounter problems related to the exploitability of Windows’ Remote Desktop application. It’s unlikely that a hacker will come by one day and target you individually with a brand new undiscovered exploit. People don’t usually waste their energy that way, but if the right malware makes it to your computer before you make a remote connection, you risk exposing both yourself and the system on the other end of the line.
Even if you are using a tight, secure environment, any malicious software that is allowed to run with administrative privileges on your system can potentially wreak havoc when you use RDP. Even the best IT professionals will make mistakes once in a while. Nothing makes you immune to this, even if you operate in a highly controlled corporate environment.
Hackers Can Just Inject Code
Take a look at the security updates you get for RDP. You can find them when you go to Windows Update on your operating system. Among all of the updates installed, Remote Desktop will receive a patch once in a while.
Now, think of the fact that most companies take between 100 and 120 days to come up with these patches from the moment an exploit has first been used by a hacker. It means that for over a third of a year – on average – vulnerabilities in your software remain out in the open.
Patching an operating system is even more complicated, so Microsoft may take a bit longer to come up with a fix for vulnerabilities that present opportunities for hackers to inject arbitrary code into your transmissions with remote computers.
One such vulnerability was discovered on November 15, 2017, when lazy hackers were able to just brute-force their way into computers and randomly start executing ransomware on them using RDP. It’s not the most efficient way to exploit something, but it has devastating effects for victims.
Solving These Problems
Let’s make one thing clear: there are situations in which using some sort of remote administration utility is an absolute necessity. But in any other case, you should avoid this kind of software if you are concerned about the security of your system.
If you must connect remotely to another computer’s desktop environment, do it through a VPN. Otherwise, you’re practically communicating out in the open and anything goes. Using an open connection allows malware to “call home” and gives hackers an opening to try to infiltrate your system.
Just note that using a VPN doesn’t make you completely invulnerable to potential attacks. You should limit your use of RDP as much as possible so that you minimize the chances that something could go wrong.
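As an added example (not part of the original article), the Python code below reviews Windows logon events on an RDP host for the two problems described above: RDP logons arriving from outside the VPN, and bursts of failed logons of the kind a brute-force attempt produces. The VPN address range, the time window, the threshold and the sample events are all assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network

VPN_NET = ip_network("10.8.0.0/24")  # assumption: address pool handed out by your VPN
WINDOW = timedelta(minutes=5)        # assumption: sliding window for counting failures
THRESHOLD = 5                        # assumption: failures per window that count as a burst
# Logon type 10 is RemoteInteractive (RDP); with Network Level Authentication a failed
# RDP logon is recorded as type 3, which also covers other network logons.
RDP_LOGON_TYPES = {3, 10}

# Constructed sample: (timestamp, event ID, logon type, source IP, account).
SAMPLE_EVENTS = [
    (f"2024-01-10T03:00:{s:02d}", 4625, 3, "203.0.113.7", "administrator")
    for s in range(0, 60, 10)
] + [
    ("2024-01-10T08:15:00", 4625, 10, "10.8.0.15", "alice"),      # one typo, over VPN
    ("2024-01-10T08:15:30", 4624, 10, "10.8.0.15", "alice"),      # success, over VPN
    ("2024-01-10T09:00:00", 4624, 10, "198.51.100.20", "bob"),    # success, not over VPN
]


def analyze(events, vpn_net=VPN_NET, window=WINDOW, threshold=THRESHOLD):
    """Return (sources with a failed-logon burst, sources outside the VPN range)."""
    recent = defaultdict(deque)  # source IP -> timestamps of failures inside the window
    brute, outside = set(), set()
    for ts, event_id, logon_type, src, _account in sorted(events):
        if event_id not in (4624, 4625) or logon_type not in RDP_LOGON_TYPES:
            continue  # only successful (4624) and failed (4625) remote logons
        when = datetime.fromisoformat(ts)
        if ip_address(src) not in vpn_net:
            outside.add(src)  # RDP is reachable without going through the VPN
        if event_id == 4625:
            q = recent[src]
            q.append(when)
            while when - q[0] > window:  # drop failures older than the window
                q.popleft()
            if len(q) >= threshold:
                brute.add(src)
    return brute, outside


if __name__ == "__main__":
    brute, outside = analyze(SAMPLE_EVENTS)
    print("Failed-logon bursts from:", sorted(brute))
    print("RDP logons from outside the VPN:", sorted(outside))
```

Any address in the second list means the RDP port is reachable without the VPN, which is the exposure the advice above is meant to remove.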
Do you do anything else to protect your RDP connections? Tell us all about it in a comment!