Hackers Are Exploiting Remote Desktop: Here's How to Disable It
The Remote Desktop Protocol (RDP) found in every modern version of Windows is designed to let users remotely connect to a computer over a network connection. But while the feature is useful for IT admins managing a fleet of systems, or for yourself to connect to your home computer while you're away, it has also been exploited many times by hackers to stage cyberattacks. A couple of new developments indicate that problem may be getting worse.
Security researchers at Brazil's Morphus Labs yesterday (June 6) disclosed the discovery of a botnet that is trying to infect more than 1.5 million Windows systems through their RDP connections. Dubbed GoldBrute, the botnet tries to "brute force" its entry into a Windows machine by guessing the username and password. If it succeeds, the botnet malware installs itself and scans for additional RDP endpoints to strike.
This news comes a few weeks after the discovery of BlueKeep, a devastating vulnerability in the Remote Desktop Protocol that has prompted both Microsoft and the National Security Agency to beg users of older Windows computers, including Windows XP, to update their systems.
At least a million internet-facing PCs running Windows 7, Vista, XP and Server 2008 are vulnerable to "wormable" malware that could be designed to exploit the BlueKeep flaw and spread from one system to the next. Any single vulnerable machine in an enterprise network could be used as a launchpad to attack the entire network, and one proof-of-concept BlueKeep-based attack has already been demonstrated.
If you're a Windows user who doesn't generally use Remote Desktop Protocol, then we recommend making sure it's disabled. Here is how to turn off Remote Desktop Protocol to prevent hackers from exploiting your PC.
How to Disable Remote Desktop in Windows 10
- Type "remote access" into the main search box at the bottom left of the screen and select "Allow remote access to your computer." Alternatively, type "control panel" into the search box, then click System and Security, and from there, select "Allow remote access" under the System tab.
- Check the "Don't Allow Remote Connections to This Computer" box. Note: If you're asked to sign-in, then your computer is already remotely connected.
If you don't have administrative rights on your computer, you can still check to see whether remote desktop access is enabled. Click the Windows icon in the bottom left of your screen, select the Settings gear icon from the pop-up navigation bar, and type "remote desktop" into the search field at the top of the Settings window.
How to Disable Remote Desktop in Windows 8.1
Remote Desktop was removed from the Remote tab in Control Panel in Windows 8.1, as Lifewire notes. That means you're probably safe, but to make sure, you'll have to reinstate the feature just in order to turn it off.
First, download the Remote Desktop app from the Windows Store. Here's how to disable it once installed:
- Press Windows + X and press System (or type Y).
- Press Advanced System Settings from the left sidebar
- From here, select Remote and check Don't Allow Remote Connections to This Computer.
How to Disable Remote Desktop in Windows 8, Windows 7, Windows Vista and Windows XP
Navigating to the Remote Desktop settings is a similar process in early versions of Windows 8 and all versions of Windows 7, Windows Vista and Windows XP (and an optional method in Windows 10, for that matter). Here is how to disable the feature in those older operating systems.
- Select the Start button, then Control Panel.
- Open System and Security.
- Choose System.
- Select Remote Settings from the left sidebar.
From the System Properties box, under "Remote Desktop," click Don't Allow Connections to This Computer. Press OK.
Image credit: andras_csontos/Shutterstock
Windows 10 Security and Networking