CERT NZ warns of remote desktop protocol weaknesses

CERT NZ warns of remote desktop protocol weaknesses

CERT NZ saw an increase in ransomware reports in the second quarter of 2021.

Credit: Dreamstime

New Zealand’s Computer Emergency Response Team (CERT NZ) has cautioned Kiwi businesses about weaknesses in widely used remote access solutions, urging them to work with their IT service providers to tighten up their security.  

According to the national cyber agency, the majority of local ransomware attacks occur through poorly configured remote access systems, which businesses use to allow staff to access systems from outside the office – a widespread factor amid the ongoing pandemic.  

While there are a range of such systems in use, one of the most commonly used is Remote Desktop Protocol (RDP), with over 2,500 identified in New Zealand, the agency noted, adding that RDP has a number of weaknesses. 

This means that when the protocol is used over the internet it can be exploited by attackers and, indeed, is a leading contributor to the ransomware incidents that CERT NZ receives. 

Given that RDP is often exploited by attackers to gain access to an organisation’s network, CERT NZ is recommending that organisations consider other options to enable remote working, such as a virtual private network (VPN). 

“It’s essential that organisations urgently review their remote access systems, and make sure these systems are as secure as they can be. You may need to talk to your IT team or service provider about how to do this,” said Michael Shearer, CERT NZ threats and vulnerabilities principal advisor. 

To help protect local organisations, CERT NZ is currently partnering with internet service providers (ISPs) to contact businesses that use internet-exposed RDP to provide advice on how they can make remote working more secure. 

“Regardless of what technology organisations use to enable remote working, it’s important to keep your system up to date and enable two-factor authentication for logins,” Shearer said.   

More broadly, CERT NZ is concerned about the growing impact ransomware attacks are having on New Zealand, according to Shearer. 

“Recent events have brought to light the devastating effects a ransomware attack can have on an organisation. There’s been an increasing trend of these types of attacks globally over the past 18 months, and they’re only going to continue,” he said.  

Indeed, CERT NZ has seen an increase in ransomware reports in the second quarter of 2021 (April to June), compared to the first quarter of the year.  

With a total of 30 reports, the latest tally is the highest number of ransomware reports made to CERT NZ within one quarter.  

“These figures do not paint a complete picture of the extent of ransom attacks in New Zealand. These numbers only reflect what has been reported to us, however conversations with our industry partners indicate there are a lot more attacks happening,” Shearer said.  

In June, it was found that three in five small businesses believed they should be doing more to keep secure online, according to a survey by CERT NZ.

While the majority of small businesses with an online presence understood the importance of protecting their websites, some small businesses were not taking action.

Further, of that three in five, only 18 per cent strongly agreed they needed to do more while 40 per cent agreed "slightly".

Most concerning, only 45 per cent had processes in place to prevent a cyber attack.

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags CERT NZsecurityransomware



How MSPs can capitalise on integrating AI into existing services

How MSPs can capitalise on integrating AI into existing services

​Given the pace of change, scale of digitalisation and evolution of generative AI, partners must get ahead of the trends to capture the best use of innovative AI solutions to develop new service opportunities. For MSPs, integrating AI capabilities into existing service portfolios can unlock enhancements in key areas including managed hosting, cloud computing and data centre management. This exclusive Reseller News roundtable in association with rhipe, a Crayon company and VMware, focused on how partners can integrate generative AI solutions into existing service offerings and unlocking new revenue streams.

How MSPs can capitalise on integrating AI into existing services
Access4 holds inaugural A/NZ Annual Conference

Access4 holds inaugural A/NZ Annual Conference

​Access4 held its inaugural Annual Conference in Port Douglass, Queensland, for Australia and New Zealand from 9-11 October, hosting partners from across the region with presentations on Access4 product updates, its 2023 Partner of the Year awards and more.

Access4 holds inaugural A/NZ Annual Conference
Show Comments