VNC is the hacker's favorite remote desktop tool

Virtual Network Computing (VNC) is the remote desktop tool most targeted by attacks, accounting for 98 percent of the traffic across all remote desktop-specific ports.

This finding comes from Barracuda which has released a new Threat Spotlight report looking at the most common tools, associated ports, and the ways in which attackers can, and do, gain access.

The simplest and most common attack method used against remote desktop software, including VNC, is the abuse of weak, reused, and/or phished credentials. These offer an attacker immediate access to the systems the user has access to. Remote desktop software implementations can also be vulnerable to software bug exploits and technical support scams.

The second most targeted tool is the Remote Desktop Protocol (RDP), but this accounts for only about 1.6 percent of the attempted attacks detected. Other remote desktop tools targeted by attackers include TeamViewer, Independent Computing Architecture (ICA), AnyDesk, and Splashtop Remote.

"Remote desktop solutions are useful and popular business tools that allow employees to connect into their computer network from wherever they are. Unfortunately, they are also a prime target for cyberattack," says Jonathan Tanner, senior security researcher at Barracuda. "There are many different tools available, each using different and sometimes several virtual connection points, or ports, which make it harder for IT security teams to monitor for malicious connections and subsequent intrusion. Standardizing on one remote desktop solution across the organization will enable the IT team to focus resources on managing, monitoring, and securing the associated ports, blocking other traffic."

Barracuda also recommends implementing defense-in-depth security solutions that can spot suspicious port traffic across the network.

You can read more on the Barracuda blog.

Image credit: PopNukoonrat/Dreamstime.com