Many businesses have been forced to pivot to remote work environments in the wake of the COVID-19 pandemic. Unfortunately, this change may have increased exposure potential for remote desktop protocol (RDP) attacks.

When global lockdowns were initiated in early 2020, most organizations prioritized business continuity and remote access capabilities to the detriment of server, network and workstation security. The pandemic became a prime opportunity for attackers to launch RDP attacks by identifying public-facing servers with open ports and unpatched vulnerabilities, and working to exploit those weaknesses. Attackers then used common intrusion techniques, like brute force password attacks, to gain access to these organizations’ vulnerable infrastructure and data.

What is RDP?

Remote desk protocol (RDP) is a network communications protocol developed by Microsoft and consists of a digital interface that allows users to connect remotely to other servers or devices. Through RDP ports, users can easily access and operate these servers or devices from any location. RDP has become an increasingly useful business tool—permitting employees to retrieve files and applications stored on their organization’s network while working from home, as well as giving IT departments the ability to identify and fix employees’ technical problems remotely.

Unfortunately, RDP ports are also frequently being leveraged as a vector for launching ransomware attacks, which entail a cybercriminal deploying malicious software to compromise a device (or multiple devices) and demand a large payment be made before restoring the technology for the victim. In fact, a recent report from Kaspersky found that nearly 1.3 million RDP-based cyberattacks occur each day, with RDP reigning as the top attack vector for ransomware incidents.

Don’t let RDP contribute to a costly ransomware incident for your organization. Review the following guidance to learn more about how ransomware attacks can occur via RDP and best practices for minimizing the likelihood of such an incident.

Ransomware attacks via RDP

RDP-based ransomware attacks usually stem from organizations leaving their RDP ports exposed to the internet. Although doing so can seem more convenient for employers in the scope of remote work operations, internet-exposed RDP ports are easy for cybercriminals to identify and offer a clear access point for deploying harmful attacks.

The typical process of an RDP-based ransomware attack is as follows:

  1. Scanning—First, a cybercriminal utilizes a port-scanning tool to search the internet for any exposed RDP ports. These scanning tools are often free and relatively simple to operate for attackers of varying skill levels.
  2. Gaining access—After identifying an exposed RDP port, the cybercriminal then gains access to the targeted server or device by using stolen credentials. Attackers can secure these credentials by either purchasing them on the dark web or implementing a brute-force tool that can rapidly input a series of usernames and passwords until the correct combination is found.
  3. Disabling security features—Once the cybercriminal has accessed the targeted server or device, they attempt to make it as defenseless against an attack as possible by disabling any existing security features (e.g., antivirus software, data encryption tools and system backup capabilities).
  4. Executing the attack—From there, the cybercriminal is able to steal sensitive data and deploy a ransomware attack on a vulnerable server or device. Some attackers even install backdoors during this step to allow for easy access during future attacks.

Like other ransomware incidents, RDP-based attacks can result in devastating ramifications for the impacted organization—including business interruption issues, reputational damages and large-scale financial loss.

Strengthening RDP against ransomware

Although RDP-based ransomware attacks have become increasingly common, there are several ways for you to bolster your organization’s RDP security and lessen the risk of such an incident impacting your operations. Consider the following best practices:

  • Close your RDP connection. First and foremost, ensure that your RDP connection is not open to the internet.
  • Establish a virtual private network (VPN). To keep your RDP port from being exposed to the internet, be sure to establish a VPN. This will allow remote employees to securely access your organization’s RDP port, while also making the port far more difficult for cybercriminals to locate online.
  • Elevate authentication protocols. Because cybercriminals require login credentials to properly execute an RDP-based ransomware attack, make sure you have effective user authentication protocols in place. Specifically, encourage employees to develop unique passwords for all of their devices and accounts. These passwords should be an appropriate length, refrain from using common words or phrases, and contain several special characters. In addition to strong passwords, consider requiring multifactor authentication for RDP port access as an extra layer of protection.
  • Implement login attempt limits. To stop cybercriminals from being able to deploy brute-force tools to secure login credentials during an attack, update RDP port protection features to detect when multiple failed login attempts have occurred in a short period of time. Establish a limit on how many incorrect logins can occur before the user is blocked from further attempts—therefore halting an attack.
  • Utilize adequate security software. Ensure all workplace technology is equipped with top-rated security software—including antivirus programs, a firewall, data encryption features and a gateway server—to deter attempted attacks. Update this software on a regular basis.
  • Restrict employee access. Be sure to uphold the principle of least privilege by only providing employees with RDP access if they absolutely need it to conduct their work tasks. These employees should be trusted and trained in appropriate RDP usage. After all, granting extra employees unnecessary RDP permissions simply creates additional security gaps.
  • Have a plan. Lastly, make sure your organization has an effective cyber incident response plan in place that addresses RDP-based ransomware attack scenarios. This plan should promote the backup storage of any critical data in multiple secure locations (both on-site and off-site) to minimize potential losses. Practice this plan regularly with staff and make updates as needed.

Cyber coverage to consider when fighting against ransomware

  • Cyber Threats or Extortion: reimbursement for payment resulting from a threat to prevent access to your computer system, introduce a virus to your system, reveal your confidential information, or damage your brand or reputation by posting false comments on social media sites.
  • System Damage: costs you incur to retrieve, restore or replace any of your computer programs that are lost or damaged.
  • Business Interruption: replacement of your lost income resulting from a computer system outage because of a cyber attack.
  • Regulatory Actions or Investigations: coverage for costs, expenses, fines and penalties as a result of a regulatory investigation arising out of an actual or suspected breach.

The level of coverage your business needs is based on your individual operations, and can vary depending on your range of exposure. It’s important to work with an Insurance Advisor that can identify your areas of risk, and customize a policy to fit your unique situation.

We can help you recover from a ransomware attack

Businesses are operating in an environment where it’s not a matter of IF a cyber attack will occur, it’s only a matter of when.

We need to take reasonable measures to reduce the likelihood of an attack, but we also need to be realistic and understand that inevitably, we’ll all deal with a cyber attack at some point.

The two most important questions you need to answer as a business owner are:

  1. Will I know how to respond when a cyber attack occurs?
  2. Will my business survive the devastating consequences of a cyber attack?

The planning you do today, the strategic partnerships you put in place, and the adequacy of your Cyber & Data Breach Insurance coverage are all critical components to confidently answering the question of ‘will my business survive after a cyber attack’ with a resounding ‘ABSOLUTELY.’

We understand the negative effects a cyber attack can have on your organization, we’ve seen first-hand how it impacts clients. We also know which insurance companies provide the broadest insurance coverage to help you recover after an attack occurs.

But we don’t stop there.

The best place to begin is with your own internal operations, the security measures you have in place, and the controls implemented to avert a data breach.

In addition providing the Cyber & Data Breach Liability coverage, we can also provide you several services that will help position your business for the best insurance premiums offered by the nation’s strongest insurance carriers.  Specifically, we can:

  • Provide you with data security resources designed to help keep your data, and your network, safe
  • Perform a cyber risk assessment of your business to help identify areas of weakness, and offer solutions to mitigate the exposures
  • Help you develop and implement an incident response plan

To learn more about the ways we can help simply Request a Proposal and we’ll get to work right away.

Tom Simon

Tom Simon

Chairman of the Board

Tom has worked in the insurance industry since 1977 holding numerous positions from Account Executive and Agency Manager, President to his current role. He combines his unique ability of thinking differently with his wealth of insurance and business experience to propel CoverLink to new levels of success.

In his spare time, he enjoys spending time with his family, especially his grandkids. In addition, he’s also an avid woodsman… yes, you read that correctly. He can often be found yelling “timber” or just splitting firewood for family and friends.

 

email

Matt Simon

President

Prior to joining the team at CoverLink in 2006, Matt worked as an Underwriter with a multi-state insurance company located in Columbus, Ohio. Matt is a Certified Insurance Counselor (CIC) and Chartered Property and Casualty Underwriter (CPCU), having successfully completed the rigorous coursework and exams to earn these designations.

He also serves on the Board of Directors for the Ohio Insurance Agents Association and the Associated Risk Managers of Ohio, in addition to volunteering his time to multiple other community and industry organizations.

In 2013, Matt was awarded and recognized as the National Young Insurance Agent of the Year, and in 2019 he was recognized as the Insurance Advisor of the year by Finance Monthly.

 

team-email    team-linkedin    team-facebook

Gina Loehr

Gina Loehr

Senior Account Manager

Gina oversees the Commercial Lines division at CoverLink, which is responsible for managing the business insurance needs for clients.

She has worked in the insurance industry since 1980, beginning as a Commercial Underwriter with a regional company located in Springfield, Ohio.

In 1984, she earned her Certificate in General Insurance, and in 1995, her Accredited Advisor of Insurance designation.

In her spare time, she enjoys spending time with her family, including four grandkids, and biking.

 

email    team-facebook

Kyle Carper

Account Manager

Kyle joined the CoverLink team in 2018 as in intern when he was a junior in high school. Shortly after, he began studying to obtain his insurance license, which he passed in 2020 and joined our Personal Lines division.

Kyle helps individuals and families with their home, auto, umbrella and other personal insurance needs, which he thoroughly enjoys.

In his spare time, he enjoys spending time with the ones he loves, watching sports and playing video games.

 

email    team-linkedin    team-facebook

Tim O’Rielley

Senior Insurance Advisor

Tim works with individuals, families and businesses to design insurance policies perfectly suited to their specific needs.

He has been working in the insurance industry, and with CoverLink, since 1993. As a lifelong resident of Logan County, he’s been involved with a number of community organizations, often taking the leadership role such as President of the Chamber of Commerce, and the United Way.

He’s often found spending as much time as possible with his two daughters, and his grandkids

 

email    team-linkedin    team-facebook

Mark Osborne

Account Executive

Mark has worked at CoverLink since 2004. He specializes in life and health insurance, where he utilizes his extensive knowledge to help clients make sense of a confusing and ever changing market.

He also holds the Property & Casualty Insurance License, and often helps families as well as small businesses to set up their insurance protection plan.

Mark graciously volunteers his time to several community organizations, and enjoys spending his free time with his family

 

email    team-linkedin

Leah Loehr

Account Manager

Leah joined the Commercial Lines division at CoverLink in 2012 where she works closely with business owners on their Commercial Insurance needs to help them achieve their desired level of protection.

Leah is known for her outgoing personality, positive attitude, and relentless pursuit of the goals she sets out to achieve. Clients often rave about her and the service she provides.

In her spare time, Leah enjoys spending time with her family and friends… and she can often be found at the closest Buffalo Wild Wings!

 

email    team-facebook

Larry Middaugh

Larry Middaugh, PLCS

Senior Insurance Advisor

Larry joined CoverLink with an extensive background in sales, bringing over 30 years of experience and commitment to taking care of his clients in the banking and mortgage industry.

Larry’s dedication to his clients aligned so well with the CoverLink tradition of relentlessly caring for, and protecting its clients, that he joined the team of Licensed Insurance Advisors in 2015.

Those in need of Personal or Business Insurance are delighted after working with Larry.

Larry defines success as knowing his purpose in life, continuing to grow to reach his fullest potential and sowing seeds that benefit others. He’s a father of three incredible children and husband to an amazing, kind and loving wife.

 

email    team-linkedin    team-facebook

Tony Fink

Tony Fink, CIC, CLCS

Insurance Advisor

Tony is responsible for serving the needs of individuals and businesses looking for property & casualty insurance. In addition, he’s licensed and capable of advising clients that desire life insurance protection.

He’s a Certified Insurance Counselor (CIC) and a Commercial Lines Coverage Specialist (CLCS), having successfully completed the rigorous coursework and exams to earn these designations.

Tony entered the insurance industry in 2008 bringing a diverse background of experience and knowledge to his Account Executive position with CoverLink.

In his free time, Tony enjoys spending time with his family, being outdoors, following sports and listening to music.

 

email    team-linkedin

Meg Barton

Meg Barton

Senior Account Manager

Meg works in the Commercial Lines division at CoverLink as an Account Manager, where she helps businesses with their varying & complex insurance needs, from Business Auto to Commercial Liability, Directors & Officers to Commercial Property.

Meg earned her Bachelor’s degree in Business Management from Urbana University in Ohio. She has been active in the insurance industry since 2006, and is an Ohio Notary.

In her spare time, Meg enjoys spending time with her family at Indian Lake, listening to live music and reading.

 

email    team-linkedin    team-facebook

Jordan Springs

Jordan Springs

Account Manager

Jordan joined the CoverLink team in 2017, bringing top-notch client service skills acquired through several years in the banking industry.

She’s constantly assisting and advising clients on their personal insurance needs – home, auto, jewelry, umbrella and other policies – not to mention, she’s just plain fun to be around!

In her spare time, Jordan enjoys spending time with family and friends, especially her husband and two kids.

 

email    team-facebook

Jill Rawlins

Jill Rawlins

Account Manager

Jill works in the Personal Lines Department where she helps individuals and families with their Home, Auto, Umbrella and other personal insurance needs.

She graduated with her Bachelor’s Degree in 2009 from Otterbein University, and shortly after began her career in the insurance industry.

In addition to holding the Ohio Property & Casualty Insurance License, she also has her Accident & Health, Life and Variable licenses.

Jill enjoys spending as much time as she can with her family, and especially enjoys being with her little girl who makes her laugh often.

 

email    team-facebook

Chris Badenhop

Chris Badenhop

Insurance Advisor

Chris joined the CoverLink team in 2017 with a diverse and exciting professional and educational background. He works with individuals, families and businesses to find the ideal solution for their insurance needs.

He brings a positive attitude and a desire to help his clients in his position as an Insurance Advisor, but most importantly, he shares one of the most fundamental beliefs we hold dear within our organization: he cares. He cares about his clients, he cares about protecting all that’s important to them, and above all, he cares about doing what’s in the best interest of his clients. His enthusiasm and empathy set him apart, and he’s backed by the top-notch service provided at CoverLink, making him a tremendous asset to his clients. In short, Chris puts people before policies.

In his free time Chris enjoys spending time in the outdoors hunting and fishing. He’s also a passionate sports fan devoting support to all levels of play.

 

email    team-linkedin    team-facebook

Joe Cooney

Joe Cooney

Senior Insurance Advisor

When considering business insurance, contracts and requirements are often complex and confusing. As professional insurance agents, CoverLink is in a position to help. We’ll help you secure the right business insurance at the right price so you can enjoy the security and peace-of-mind you deserve, and spend time focusing on your business and not your insurance.

 

email    team-linkedin    team-facebook

Kelli Young

Kelli Young

Director of Marketing

Kelli brings extensive marketing expertise to CoverLink after spending nine years in the automotive industry, where she gained valuable insight in the areas of design, digital presence, and content creation.

After joining CoverLink in 2015, her focus has been on telling the story of our long standing belief, that people are more important than policies, in a fresh way with a digital twist, allowing consumers who believe what we believe to find us easier.

Kelli graduated from Ohio University in 2006 with a Bachelor’s Degree in Communications, and earned her Master’s Degree in Business from Ashland University in 2010.

She enjoys spending time with her family, especially being outside with her son and two daughters.

 

email    team-linkedin    team-facebook

Jami Radern

Jami Rader

Director of First Impressions

As the Director of First Impressions, Jami brings top-notch client service skills. She’s constantly assisting clients with billing inquiries, working to resolve any frustrating issues they’re having, and she’s just plain fun to be around!

In her spare time, Jami enjoys spending time with family, especially her husband and four children and going on four-wheeling trips together.

Erika Asher

Account Manager

Erika works in the Commercial Lines division at CoverLink as an Account Manager, where she helps businesses with their varying & complex insurance needs, from Business Auto to Commercial Liability, Directors & Officers to Commercial Property.

In her spare time, Erika enjoys hiking, reading, and spending time with her son.

 

email

Erin Whitaker

Account Manager

Erin joined the Personal Lines division at CoverLink in 2019, as an Account Manager, where she helps individuals and families with their Home, Auto, Umbrella and other personal insurance.

She previously worked in the healthcare industry before getting her insurance license in November of 2018.

When Erin isn’t at work, you can find her cheering on her kids at various sporting events almost every day of the week. In addition, she enjoys planting flowers, finding rusty items to decorate with and spending as much time with her family as possible.

Alissa Grim

Alissa Grim

Account Manager

Alissa works as an Account Manager where she helps individuals and families find the insurance that best fits their needs.

In addition to earning her Ohio Property & Casualty Insurance license in 2008, Alissa received her Life Insurance License in 2010.

In her spare time, Alissa enjoys spending time with her family camping, and watching her son race go karts around the U.S.

Vickie Allen

Vickie Allen

Account Manager

Vickie has worked at CoverLink since 2000 helping clients with a diverse set of needs, from securing the coverage that’s best for their individual situation, to providing guidance when claims or billing questions arise.

Vickie currently holds the Ohio Property & Casualty Insurance License, and is well known to clients because of her infectious personality and radiant smile that greets them when visiting the office.

In her spare time she enjoys spending time with family and friends, and traveling.

Randy Leopard

Randy Leopard

Vice President

Randy began his insurance career in 2000 working with both personal and business clients on their health insurance needs.  In 2008, he expanded his area of focus to include all types of insurance his clients needed from home & auto insurance, business insurance and farm insurance.

Randy resides in Urbana where he enjoys spending time with his family, and watching his horses race from time to time.

Melodi Wilkins

Melodi Wilkins

Senior Account Manager

Melodi has called CoverLink her ‘work home’ since 2009.  In her position as a Senior Account Manager, she works closely with clients needing home, condo, renters, auto, umbrella and other types of personal insurance coverage. Melodi also provides service and assistance to businesses regarding their insurance protection needs.

In her spare time, Melodi enjoys being outside and spending time with her family, especially with her granddaughter.

Morgan Edwards

Morgan Edwards

Account Manager

Morgan joined the CoverLink family in 2019, as an Account Manager. She helps her clients with personal insurance needs such as, home, condo, renters, auto umbrella and more. In addition, she works closely with business owners on their Commercial Insurance needs to help them achieve their desired level of protection.

In her spare time, Morgan enjoys spending time with her family and friends, making memories and enjoying all that life has to offer!

Sam Ankrom

Insurance Advisor

Sam joined the Coverlink team in 2020 with a strong passion and drive to help people. As an insurance Advisor with his Property & Casualty license, he assists individuals and business with all of their insurance needs.

He is dedicated to going above and beyond for his clients and wants to make sure every client is not only properly insured, but can also feel like a part of the Coverlink family. Sam is committed to helping everyone feel confident and comfortable with their insurance decisions and have the peace of mind knowing they are taken care of by not only himself, but by the entire Coverlink team.

Outside of work you can usually find Sam spending time with friends and family, or outside on the golf course.