Bruteforce attacks involve cybercriminals trying to guess passwords or encryption keys by systematically testing multiple combinations until the correct one is found. These attacks often target Remote Desktop Protocol (RDP), a tool used for remote computer access. Once access is gained, attackers can cause major financial and data losses.
According to Kaspersky, attackers often use tools like Bruteforce.Generic.RDP to target business systems. The widespread use of RDP among both IT administrators and regular users makes it a common entry point for cybercriminals.
“On a daily basis, we are looking at more than 145,000 attempts to break into enterprises and small businesses in SEA. That’s a lot, especially considering the current shortage of cybersecurity professionals in the region,” said Adrian Hia, Managing Director for Asia Pacific at Kaspersky.
The report also revealed sharp increases in RDP attacks in Indonesia and Malaysia. Indonesia experienced 14.6 million attacks in 2024, up 25% from 11.7 million in 2023. Malaysia saw a 14% rise, with over 3.1 million attacks in 2024 compared to 2.8 million the previous year.
Hia warned that advancements in Artificial Intelligence are making these attacks faster and more dangerous. “AI now acts as a reliable assistant to cybercriminals, helping them guess passwords and break encryptions more efficiently,” he said.
Kaspersky stressed the importance of improving cybersecurity practices, especially when employees work outside company networks. Such situations increase the risk of confidential data being exposed or stolen.
To protect against bruteforce attacks, Kaspersky recommends businesses:
• Use strong and unique passwords
• Restrict RDP access to corporate VPNs
• Enable Network Level Authentication (NLA)
• Implement two-factor authentication
• Disable RDP and close port 3389 if not in use
• Install and maintain reliable security solutions
With cyber threats growing in volume and complexity, Kaspersky urges businesses in Southeast Asia to strengthen their cybersecurity measures and regularly assess their IT infrastructure.
Source: IT Brief
Tags:
Cybercrime in World
