By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
World of SoftwareWorld of SoftwareWorld of Software
  • News
  • Software
  • Mobile
  • Computing
  • Gaming
  • Videos
  • More
    • Gadget
    • Web Stories
    • Trending
    • Press Release
Search
  • Privacy
  • Terms
  • Advertise
  • Contact
Copyright © All Rights Reserved. World of Software.
Reading: RDP: a Double-Edged Sword for IT Teams – Essential Yet Exploitable
Share
Sign In
Notification Show More
Font ResizerAa
World of SoftwareWorld of Software
Font ResizerAa
  • Software
  • Mobile
  • Computing
  • Gadget
  • Gaming
  • Videos
Search
  • News
  • Software
  • Mobile
  • Computing
  • Gaming
  • Videos
  • More
    • Gadget
    • Web Stories
    • Trending
    • Press Release
Have an existing account? Sign In
Follow US
  • Privacy
  • Terms
  • Advertise
  • Contact
Copyright © All Rights Reserved. World of Software.
World of Software > Computing > RDP: a Double-Edged Sword for IT Teams – Essential Yet Exploitable
Computing

RDP: a Double-Edged Sword for IT Teams – Essential Yet Exploitable

News Room
Last updated: 2025/02/28 at 10:33 AM
News Room Published 28 February 2025
Share
SHARE

Remote Desktop Protocol (RDP) is an amazing technology developed by Microsoft that lets you access and control another computer over a network. It’s like having your office computer with you wherever you go. For businesses, this means IT staff can manage systems remotely, and employees can work from home or anywhere, making RDP a true game-changer in today’s work environment.

But here’s the catch: because RDP is accessible over the internet, it’s also a prime target for unethical hackers. If someone gains unauthorized access, they could potentially take over your system. That’s why it’s so important to secure RDP properly.

Why IT Teams Depend on RDP, Despite the Risks

More than 50 percent of Kaseya’s small and medium-sized businesses (SMBs) and Managed Service Providers (MSPs) customers use RDP for daily operations due to its efficiency and flexibility:

  • Reduces Costs and Downtime – IT teams can resolve technical issues remotely, eliminating travel expenses and delays.
  • Supports Business Continuity – Employees and administrators can securely access company systems from any location.
  • Enables Scalable IT Management – MSPs can oversee multiple client networks from a single interface.

Despite its benefits, RDP’s widespread use makes it an attractive attack vector, requiring constant vigilance to secure properly.

RDP

New Concerns: The Rise of Port 1098 Scans

Typically, RDP communicates over port 3389. However, recent security reports – like one from the Shadowserver Foundation in December 2024 – have highlighted a worrying trend. Hackers are now scanning port 1098, an alternative route that many aren’t as familiar with, to find vulnerable RDP systems.

To put this into perspective, honeypot sensors have observed up to 740,000 different IP addresses scanning for RDP services every day, with a significant number of these scans coming from a single country. Attackers use these scans to locate systems that may be misconfigured, weak, or unprotected, and then they can try to force their way in by guessing passwords or exploiting other weaknesses.

For businesses, especially SMBs and MSPs, this means a higher risk of serious issues like data breaches, ransomware infections, or unexpected downtime.

Keeping Up with Security Patches

Microsoft is aware of these risks and regularly releases updates to fix security vulnerabilities. In December 2024, for example, Microsoft addressed nine major vulnerabilities related to Windows Remote Desktop Services. These fixes targeted a range of issues identified by security experts, ensuring that known weaknesses couldn’t be easily exploited.

Then, in January’s update, two additional critical vulnerabilities (labeled CVE-2025-21309 and CVE-2025-21297) were patched. Both of these vulnerabilities, if left unaddressed, could allow attackers to remotely execute harmful code on a system without the need for passwords.

How Kaseya’s vPenTest Proactively Helps Secure RDP & More

RDP exposed to the internet is more often a misconfiguration than an intended configuration. In the last 28,729 external network pentests we have performed, we were able to find 368 instances of RDP exposed to the public internet. On internal networks we have found 490 instances of Bluekeep.

For organizations looking for a proactive method to protect their external and internal networks, tools like vPenTest are invaluable. vPenTest offers:

  • Automated Network Pentesting: The platform will perform both external and internal network pentests. IT Professionals are now able to perform the same attacks as an attacker against the networks they manage to proactively protect them and test security controls.
  • Multi-Tenant: The platform is purpose built for the multi-functional IT Team juggling multiple tasks. IT Professionals are able to manage all pentest engagements for multiple companies within the platform.
  • Detailed Reporting and Dashboard: vPenTest will generate a set of reports including an Executive Summary and a very detailed Technical Report. The platform also has a dashboard for each assessment so IT Professionals can quickly review findings, recommendations and affected systems.

For the first time in tech history, IT Professionals are now able to execute a real network pentest against the organizations they manage at scale and on a more frequent basis.

How Datto EDR Helps Secure RDP

For organizations looking for an extra layer of protection, tools like Datto Endpoint Detection and Response (EDR) are invaluable. Datto EDR offers:

  • Real-Time Threat Detection: It monitors RDP traffic for unusual behavior—like unexpected access attempts or strange port usage—and raises alerts if something seems off.
  • Automated Responses: When suspicious activity is detected, the system can automatically block or isolate the threat, stopping potential breaches in their tracks.
  • Detailed Reporting: Comprehensive logs and reports help administrators understand what happened during an incident, so they can strengthen their defenses for the future.

This means that with Datto EDR, businesses can enjoy the benefits of RDP while keeping their systems safer from modern threats.

Practical Tips to Lock Down RDP

Here are some straightforward tips to help secure your RDP setup:

  • Timely Patching: Always install updates as soon as they’re available. Vendors frequently release patches to address new vulnerabilities.
  • Limit Exposure: Restrict RDP access to trusted personnel only and consider changing the default port (3389) to something less predictable.
  • Use Multi-Factor Authentication: Adding extra steps for verification (like MFA and Network Level Authentication) makes it much harder for attackers to gain access.
  • Enforce Strong Passwords: Ensure that passwords are complex and meet a minimum length requirement to help thwart brute-force attacks.

By taking these steps, you can significantly reduce the risk of your RDP services becoming an entry point for cyberattacks.

RDP Isn’t Going Away—But Security Needs to Improve

RDP is an essential tool that has transformed how businesses operate, enabling remote work and efficient system management. However, as with any powerful tool, it comes with its own set of risks. With attackers now exploring new avenues like port 1098 and continuously finding ways to exploit vulnerabilities, it’s crucial to stay on top of security updates and best practices.

By keeping your systems patched, limiting access, using multi-factor authentication, and employing advanced security solutions like Datto EDR, you can enjoy the flexibility of RDP without compromising your organization’s security.

Stay safe and stay updated!

Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Twitter  and LinkedIn to read more exclusive content we post.

Sign Up For Daily Newsletter

Be keep up! Get the latest breaking news delivered straight to your inbox.
By signing up, you agree to our Terms of Use and acknowledge the data practices in our Privacy Policy. You may unsubscribe at any time.
Share This Article
Facebook Twitter Email Print
Share
What do you think?
Love0
Sad0
Happy0
Sleepy0
Angry0
Dead0
Wink0
Previous Article Putin uses NATO as an excuse for his war against Ukrainian statehood
Next Article Amazon plans to unveil alexa devices in the fall, Ceo says
Leave a comment

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Stay Connected

248.1k Like
69.1k Follow
134k Pin
54.3k Follow

Latest News

TSMC’s advanced packaging capacity fully booked for the next two years · TechNode
Computing
Crypto elite increasingly worried about their personal safety | News
News
HBnnvnsFun,JshKssn,FunBnzng
News
The M4 MacBook Air is *still* chilling at its lowest price ever — but for how long?
News

You Might also Like

Computing

TSMC’s advanced packaging capacity fully booked for the next two years · TechNode

1 Min Read
Computing

Programming Paradigms: All the Things We’ve Learned Not To Do | HackerNoon

9 Min Read
Computing

Luckin Coffee records first quarterly loss in two years, negative operating margin · TechNode

1 Min Read
Computing

Huawei, Li Auto EV sales drop in April as rivals see demand soar · TechNode

5 Min Read
//

World of Software is your one-stop website for the latest tech news and updates, follow us now to get the news that matters to you.

Quick Link

  • Privacy Policy
  • Terms of use
  • Advertise
  • Contact

Topics

  • Computing
  • Software
  • Press Release
  • Trending

Sign Up for Our Newsletter

Subscribe to our newsletter to get our newest articles instantly!

World of SoftwareWorld of Software
Follow US
Copyright © All Rights Reserved. World of Software.
Welcome Back!

Sign in to your account

Lost your password?