The pandemic has drastically changed the way we work, forcing employees to do large parts of their jobs remotely. Cybercriminals are aware of this shift and will attempt to exploit these new opportunities.

Further reading:
Spearphishing scams disguise malicious files as Covid-19 data
How do Covid-19 scams happen?

Today, a large proportion of office work occurs via home devices with workers accessing sensitive company systems through Windows’ Remote Desktop Protocol (RDP) – a proprietary solution created by Microsoft to allow connection to the corporate network from remote computers. Despite the increasing importance of RDP, businesses often neglect its settings and protection. Employees are using easy-to-guess passwords, and without additional layers of authentication or protection, there is little stopping cybercriminals from compromising an organization’s systems.

RDP has become a popular attack vector, especially regarding ransomware. These cybercriminals typically brute-force their way into a poorly secured network, elevate their rights to admin level, disable or uninstall security solutions, and then run ransomware to encrypt crucial company data.

Introducing Remote Access Shield 

To address the growing risks posed by increasing RDP use, Avast Business has added a new layer of protection to all next-gen antivirus solutions. The new Remote Access Shield is available in version 20.7 of Antivirus, Antivirus Pro, and Antivirus Pro Plus.

Remote Access Shield protects against attacks in three ways:

1. Detects and block brute-force attacks by counting unsuccessful login attempts within a specified period of time and blocks the IP address associated with these attempts.
2. Secures known OS vulnerabilities and prevent RDP exploit attacks aimed at breaching them.
3. Automatically blocks all IP addresses known to distribute malware by exploiting RDP ports. Our database is continuously updated using our AI algorithm.

How to enable Remote Access Shield

If you're using the Avast Business Management Console:

• Go to Policies
• Select Windows workstations 
• Scroll down to Remote Access Shield and enable it 

Please note the new shield is not available in CloudCare.

For unmanaged antivirus users:

• Go to the client
• Select protection
• Enable Remote Access Shield 

Enhance your ransomware protection by enabling the Remote Access Shield for your business or customers today.