"RDP Attacks Decline 89% in Eight Months"

Security researchers at ESET have found that detections of RDP password-guessing attacks declined from 123 billion in the first four months of the year to 13 billion in the period May-August.  The researchers stated that there was an 89% decline in total RDP attack detections from T1 to T2 2022 and a 23% drop in unique clients reporting attacks over the period.  Most of the RDP attacks recorded were aimed at targets in Poland, the US, and Spain, with Russian IPs accounting for most (31%) detections.  The researchers noted that there could be several drivers behind the decline in RDP compromise attempts, including changes in working patterns, which may mean remote connections are being used less, and defensive improvements.  The researchers noted that RDP is a top-three initial access vector for ransomware.  The researchers claimed that password guessing still accounted for the largest number of network intrusions (41%) over the past four months, followed by the exploitation of Log4j (13%).

Infosecurity reports: "RDP Attacks Decline 89% in Eight Months"