Since 2018, remote desktop compromise (RDP) and phishing have battled for dominance as the primary initial attack vector in ransomware attacks. The latest data shows that RDP is no longer the contender is once was.
The good news is that, according to the latest Quarterly Ransomware Report from ransomware response vendor Coveware, abusing internet-facing RDP may becoming a thing of the past. The bad news? Cybercriminals are finding plenty of other ways to gain access to victim networks.
According to the Coveware report, RDP and phishing have been going back and forth as the primary initial attack vector. But the latest data shows that software vulnerabilities are on the rise as the initial attack vector – representing approximately 25% of all ransomware attacks – with RDP dropping significantly from approximately 30% in Q2 of this year to around 20%.
Phishing still represents approximately 35% of the initial attacks, making it still critical for organizations to remain vigilant, teaching their employees through security awareness training to be mindful with every email they read, every link they click, and every attachment they open.