According to a new report from cybersecurity firm McAfee, hackers can now purchase the login credentials of government institutions’ systems at a cheap price on the dark web.
Government-owned Windows-based systems that make use of Microsoft’s remote desktop feature are now prone to infiltration.
Login credentials for government institutions and other vital entities such as airports and hospitals are now up for sale on the dark web.
Government Systems Infiltrated
Microsoft has a remote desktop feature for Windows users. The feature allows one to connect and operate a Windows PC from any remote location.
Hackers have been able to gain the login credentials of such connections in systems operating within government institutions.
The credentials are now listed for sale on the dark web for as little as $3.
In a detailed report, McAfee’s Advanced Threat Research team has established that hackers have gained access to many government institutions’ systems.
Many of these institutions are the ones that use the remote desktop feature.
McAfee reveals that the RDP (Remote Desktop Protocol) connections up for sale on the dark web can connect buyers to between 15 and 40,000 systems.
In a bid to keep up with the demand, hackers continue to scan the internet for systems with RDP connections.
Apparently, most of these systems are turning out to be government institutions’ systems.
The hackers attack the systems using tools such as NLBrute, RDP Forcer and Hydra to log in to a remote PC.
Once they have access, they post the login credentials for sale on darknet markets and hacker forums that serve this niche.
The buyers could easily use the connection to stall the systems and demand ransom payments.
Vital Institutions Targeted
All Windows platforms from XP to Windows 10 have been affected. John Fokker, head of cyber investigations at McAfee, revealed in the report that a connection with administrator rights was being sold for $19.
All kinds of devices—from mobile phones to desktops to Internet of Things tools—have been affected by the practice.
Government institutions and other critical infrastructure networks have fallen victim to the infiltration—particularly in the U.S.
This development points to a certain level of neglect on the part of the administrators and IT staff in these institutions.
Many of the affected systems are not regularly updated, making them an easy target for hackers.
Government institutions need to wake up to the reality that criminals are lurking on the internet seeking to infiltrate their systems.
Access to the systems could be used to spread malware or propagate other cyberattacks.
Systems such as those of airports should be solid. It is unfortunate that they are part of those at risk of infiltration.
These are cases of criminals taking advantage of weak points left neglected by systems administrators.
Remote connections cannot be done away with. They are essential. This is why it is exceedingly important that they are properly secured.
These are systems that are directly connected to the welfare of the general public.
Employees in these institutions should be educated on how to keep their remote connections secure, to ensure hackers have no weak points to exploit.
They should also be made aware of the risks so that they can initiate the necessary steps to ensure their connections are robust and secure.