Stop Ransomware Attacks at the Source.

Coveware report: Ransomware Attack Vectors

Secure RDP, Kill the VPN

Everyone knows by now that preventing ransomware is one of the top cybersecurity challenges. Yet most solutions focus on detection once the attack is underway. Wouldn’t it be better to stop ransomware attacks at the source?

In my previous post, I shared our insights on the attacks used against exposed RDP hosts and VPN servers. Most enterprises today are adapting to the new “work from home” reality through widespread deployment of VPNs and Remote Desktops (RDPs). However, as we outlined earlier, attackers exploit these solutions so extensively that it takes an average of 2 minutes for such a target to be attacked.

According to a recently-published report by Coveware, not surprisingly, RDP Compromise is the most common attack vector for ransomware with ~60% of the cases, followed by email phishing and software vulnerabilities.

Coveware report: Ransomware Attack Vectors
Fig. 1: Coveware report: Ransomware Attack Vectors

This data shows that Microsoft RDP is both one of most widely-used remote desktop solutions while also being the most common attack vector for ransomware.

ZTNA Stops Ransomware at its Source

In order to prevent public access, some companies use VPN solutions for further limiting access to RDP hosts but in reality this approach just shifts the attack vectors to VPN servers and cause additional problems. For full technical details, check out “Using RDP together with VPN/MFA gives a false sense of security”.

TransientAccess, on the other hand, offers a simple and highly effective Zero Trust Network Access (ZTNA) solution that alleviates all of the aforementioned problems and stops ransomware at its source because:

1- RDP hosts are NEVER accessible from the internet. Remote access is limited to authenticated users only.

2- Unlike VPNs, no device is joining a private network, hence other PCs in the private network are not visible.

3- Even if the device is infected with Ransomware, malware does not even see the hidden “disposable network” created by TransientAccess.

4- TransientAccess builds a network of applications, not devices. Hence it is natively segmented at the application level.

See the benefits of using TransientAccess to protect RDP Solutions

This short video shows how simple it is to use RDP with TransientAccess. The user doesn’t need to know how to run RDP client itself. Everything is handled automatically for them. Put another way, simple isn’t easy. We’ve done the hard work of making it simple:

Accessing an RDP session with TransientAccess

So why TransientAccess?


  • ZTNA architecture provides private access to RDP hosts without any publicly exposed elements
  • Even with unmanaged devices or infected machines, RDP sessions are protected against credential-stealing malware or ransomware.
  • Multi-Factor Authentication (MFA) support built-in.


  • Zero-friction implementation with the simplicity and elasticity of a cloud delivered service.
  • No user education. Users do not even need to know how to use an RDP client. Everything is just one click away. RDP with TransientAccess is EASIER to use than RDP alone.

Low TCO:

  • No need to buy a VPN and MFA service, it’s built in.
  • No need to buy expensive licenses for alternative remote desktop tools like Teamviewer or Logmein

Stop Ransomware Attacks at the Source. Secure RDP and kill the VPN with TransientAccess ZTNA.

Ready to try for yourself? Contact us and we’ll get you set up today.