Skip to content

Risks of Unsecured Remote Desktop Connections

Nino Vales 2018-06-18
risks-of-remote-desktop
The ability to connect to your work computer or remote desktop server remotely provides added productivity to some employees.

However, the risks of having this incorrectly configured outweigh the convenience it provides.
There are plenty of remote control or desktop sharing programs available. But not all organizations have policies regarding remote access. This leads to several non-standardized and unsecured approaches to setting up remote access to work computers.

In the past, enabling remote desktop access and configuring the firewall to forward the necessary ports allows people to connect to their work computer. Most of the time, this is configured in a not secured manner and often scanned and exploited by the bad guys.

Using a weak password and a public remote desktop connection is a recipe for disaster. It also affects the performance of the remote connection due to constant attempts of unauthorized logins.

Things to consider with having an unsecured remote desktop setup:

  • First of all, this is not secure and not recommended. If the firewall port is exposed to the public, any IP address can scan and forcefully connect to it. Anyone located from different parts of the world can try to brute force their way into your computer.
  • The computer can be infected with malware, ransomware, or data theft. Things like installing backdoor programs or identity theft can occur if they gain access to a machine.
  • If a lockout policy is in place, the accounts will be locked down due to incorrect password attempts causing a denial of service to the owner of the account.
A workaround to secure the connection is by limiting the trusted IP addresses allowed to connect remotely. Instead of opening it to the public, it will be limited to trusted IP addresses only.

But home routers commonly have a dynamic IP address assigned by the Internet Service Provider (ISP), which means it changes periodically. Once the IP changes, then the remote access is revoked. This defeats the purpose of having access to your computer remotely whenever you need it. Some routers support dynamic DNS or hostnames, but not all support it for port forwarding. It will be unreliable to have a dynamic IP added to the trusted IP addresses. Static IP addresses provide a fixed and trusted connection but might not be available for residential customers.

 

An ideal and hardened approach to secure the connection is thru a Virtual Private Network (VPN).

VPN sets up a secure tunnel between your remote location and your office network. This will encrypt the connection and prevent outsiders from logging in using a remote desktop to your work computer.

Suppose you are connecting to your work computer or a terminal server remotely and not familiar with VPN. Please get in touch with your administrator to review and secure your existing setup.

It is strongly recommended to secure all public remote desktop ports in your network. It is risky, outdated, and can easily be exploited.


Attackers will take advantage of every loophole they can find. Business continuity is important and information security should be taken seriously.