Epic fail - Cisco runs public RDP server on internal network.

October, 22, 2012 Branden Spikes

Fellow security blogger Brian Krebs posted today about how easy and inexpensive it is for hackers to find hacked servers at Fortune 500 companies.  I don't know about the rest of you, but if I was running a fortune 500 company and learned about an exposed RDP server on my internal network with no intrusion prevention or even a secure password to protect it, I would fire the person responsible on the spot and seriously look at what processes needed to be changed.

Some of the comments there thought it was probably a honeypot, but what point does it serve to put a honeypot on the internet?  You want honeypots to reveal hackers who got through your defenses, not hackers you already know exist everywhere.  Come on Cisco, I have put a lot of faith in you in the past!

Anyway, for those of you who don't know, if you put a server on the Internet for even a moment without defenses in place, it'll be hacked in under 30 minutes.  There's an astonishing amount of "ambient hacking" going on in the US at all times.  

Branden Spikes, CEO CTO and Founder, Spikes Security

Keep informed.