Replace RDP with the most secure remote desktop tool
Nobody wants to worry about extra security issues - especially around remote access to a business network. That's why yesterday's headlines about Remote Desktop Protocol (RDP) were troubling:
Flaws in both open-source RDP clients and in Microsoft's remote desktop client make it possible for a malicious RDP server to infect a client computer - which could then allow for an intrusion into the IT network as a whole. ThreatPost, Feb. 5, 2019
Clearly, the possibility of a "reverse RDP attack" is worrisome. These remote desktop vulnerabilities can't be ignored. Since RDP powers the most common ways for remotely connecting to other computers - inside and between networks - any flaws in the protocol have to be taken extremely seriously.
Thousands of businesses of all sizes could have points of vulnerability through RDP. Thankfully, there are a few simple ways RDP users can address the issues and protect their networks.
How bad are these RDP flaws, exactly?
From ThreatPost: "the vulnerabilities make it possible to... [reverse] the usual direction of communication and [infect] the client computer - that could then allow for an intrusion into the IT network as a whole."
So far, security researchers at Check Point Software (NASDAQ: CHKP) have identified 25 security vulnerabilities - 16 of which are described as "major" flaws, according to Computer Business Review.
Among other things, they can result in data leaks, denial of service, memory corruption, and remote code execution.
Check Point described several attacks that can be made through the RDP vulnerabilities.
1. A malefactor could attack an IT member that connects to an infected work station inside the corporate network, thus gaining higher permission levels and greater access to the network systems.
2. A bad actor could reverse a malware researcher that connects to a remote sandbox virtual machine that contains a tested malware. This allows the malware to escape the sandbox and infiltrate the corporate network.
3. If blue security research teams installed organizational honeypots to attack red teams that try to connect to them through the RDP protocol. - ThreatPost
Check Point researchers described one scenario like this: "A malicious RDP server can transparently drop arbitrary files to arbitrary file locations on the client's computer. For example, we can drop malicious scripts to the client's startup folder, and after a reboot, they will be executed on his computer, giving us full control."
Here's a link to the full report.
How Netop solves these issues
We pioneered secure remote desktop solutions in the 1980s, and we're the solution of choice for more than half of the Fortune 100. Our remote desktop software makes these RDP issues irrelevant.
Some Netop clients still use RDP for basic functions, but they prefer our solution for their more secure remote desktop processes.
Ideally, we want you to never worry about remote connections.
Before a remote session begins, Netop users must be fully authenticated - and our authentication processes are bulletproof. There's another layer, too: every session's connection uses DTL, with the encryption level negotiated between the computer initiating the connection and the one being accessed. A malicious actor would have to compromise the host machine's module, which doesn't use an open protocol as RDP does.
As for the clipboard issue in RDP, Netop isn't vulnerable to the exploit because clipboard transfer and synchronization doesn't automatically copy files.
Check out our page to see some highlights of Netop features that will keep your business networks secure in a way RDP never can:
- Outbound connections let you close inbound ports
- 256-bit AES encryption
- Set maximum invalid password attempts
- MAC / IP address filtering
- Advanced role-based security polices
- Access confirmation prompts
- Multiple authentication options
In a response to ThreatPost on Tuesday, Microsoft confirmed that they have no plans to address the issues with a security update.
You have options, though. Switch to Netop from RDP today.
Grady Locklear is the Content Marketing Manager at Netop