{"id":16045,"date":"2023-02-08T15:50:39","date_gmt":"2023-02-08T15:50:39","guid":{"rendered":"https:\/\/www.realvnc.com\/?post_type=blog&#038;p=16045"},"modified":"2024-02-19T16:54:50","modified_gmt":"2024-02-19T16:54:50","slug":"remote-access-session-hijacking-predicted-rise-2023","status":"publish","type":"blog","link":"https:\/\/www.realvnc.com\/en\/blog\/remote-access-session-hijacking-predicted-rise-2023\/","title":{"rendered":"Remote Access \u201cSession Hijacking\u201d Predicted to Rise in 2023"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"16045\" class=\"elementor elementor-16045\" data-elementor-post-type=\"blog\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-29be551e elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"29be551e\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-513289a5\" data-id=\"513289a5\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-c94c891 elementor-widget elementor-widget-text-editor\" data-id=\"c94c891\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>At a time when <a href=\"https:\/\/www.realvnc.com\/en\/discover\/remote-access\/\">remote access<\/a> has become a necessary part of most organizations\u2019 operations, it\u2019s necessary to take a look at whether the access provided actually maintains organizational security, productivity, and accessibility.<\/p>\n<p>Use of remote access (of every flavor and vendor) by organizations has become a staple due to the shift to a hybrid workforce.&nbsp; While there are plenty of simple remote access solutions available on the market today, many organizations are still relying on the built-in Windows Remote Desktop Protocol (RDP) to access desktops and servers.<\/p>\n<p>A <a href=\"https:\/\/www.netskope.com\/netskope-threat-labs\/cloud-threat-report\">recent study by data visibility &amp; threat protection vendor NetSkope<\/a> shows that 8.3% of *all workloads* across AWS, Azure and Google Cloud have RDP exposed to the Internet.&nbsp; While that number sounds low, I\u2019ll reiterate \u2013 that\u2019s 8.3% of <em>every single workload<\/em> in all the major clouds!!! Now add to that all of the organizations that have RDP access exposed to facilitate remote workers\u2019 access to their in-office desktop. <a href=\"https:\/\/www.hiscoxgroup.com\/cyber-readiness\">According to cyber insurer Hiscox<\/a>, 61% of their ransomware claims last year involved an attack that started with RDP being accessible externally.<\/p>\n<p>In short, there\u2019s way too much RDP in use, it\u2019s creating a massive attack surface, and organizations need to be looking at alternatives. But the perspective shouldn\u2019t be one-sided \u2013 meaning that RDP is simply a risk, period.&nbsp; Instead, let\u2019s take a look at what RDP provides against remote access solutions (in general) to determine what kind of solution benefits the organization most from a few perspectives:<\/p>\n<ul>\n<li><strong>Accessibility<\/strong> \u2013 the connection used should provide the remote user with the best possible experience accessing the remote service.<\/li>\n<li><strong>Productivity<\/strong> \u2013 the connection should facilitate as close to an in-person experience.<\/li>\n<li><strong>Security<\/strong> \u2013 The remote connectivity should align with organizational cybersecurity goals, policies, and standards and not increase the organization\u2019s cyberattack threat surface.<\/li>\n<\/ul>\n<p>Let\u2019s break down RDP and remote access solutions through the lens of each of the mentioned perspectives, beginning with how users access a desktop remotely. As you read through this article, consider a few use cases when some sort of remote connection is used:<\/p>\n<ul>\n<li><strong>Desktop Owner<\/strong> \u2013 When the user of an in-office computer needs to access it remotely; whether inside the corporate network or completely externally.<\/li>\n<li><strong>IT Support<\/strong> \u2013 Users still have issues, even when working remotely. So, the remote connection may be needed for IT to work interactively with the user having the issue or behind the scenes.<\/li>\n<li><strong>Connecting to a Windows \u201cdevice\u201d <\/strong>\u2013 Think healthcare workstation or Windows machine managing some piece of operational hardware when being physically at the device is either impossible or undesired.<\/li>\n<\/ul>\n<h2>Accessibility<\/h2>\n<p>Whether the user taking advantage of a remote desktop connection is an IT support technician or a regular non-IT user, the work of accessing the remote desktop should be as easy as possible and without technical complications. Let\u2019s look at each solution and see how they work to meet this need.<\/p>\n<h3>RDP<\/h3>\n<p>Right off the bat, RDP is built-into Windows (although it needs to be enabled in Windows 11). This means no installation of software to make a connection work.&nbsp; RDP does require a client app and Microsoft has created apps for Windows, Mac OS, Android, iOS, and a web client, which requires the setup and configuration of Remote Desktop Services (RDS) on a Windows Server. Most client applications support creating connection definitions that include authentication settings, display, devices, audio, and folder redirection, making connecting easy. Lastly, RDP is only accessible directly internally, unless port forwarding is setup and exposed to the Internet for users to connect remotely.<\/p>\n<p>Do keep in mind that most of this really just applies when we\u2019re talking about a company-owned desktop to be remotely accessed.&nbsp; Should the scenario be more a support scenario of an employee\u2019s personal Windows device, the access experience by an IT technician trying to help may be far more difficult.<\/p>\n<h3>Remote Access<\/h3>\n<p>The story with remote access is far simpler \u2013 mostly because all the efforts Microsoft has put into making RDP work well (including anything made possible by RDS) is something that is already built into remote access solutions. Generally speaking, remote access solutions use either a client app (with versions for one or more client devices) as well as via a browser session. Some RA solutions have taken web access a step further by offering tools that create a just-in-time type of connection often without requiring anything actually be installed on the remote desktop itself. This means that, regardless of whether the desktop to be remotely accessed is company- or employee-owned, there\u2019s a way to easily provide remote access to it. Some also are intelligent enough to recognize that a remote connection is being made within the corporate network and that proxying the connection isn\u2019t necessary, creating a direct connection between the user and their remote computer.<\/p>\n<p>Additionally, most remote access solutions provide access over TCP port 80, so no special port-forwarding or firewall rules are needed to make the remote computer accessible.<\/p>\n<h2>Productivity<\/h2>\n<p>Users of a remote desktop have varying needs.&nbsp; A basic knowledge worker just needs to access a consistent desktop, while someone with a more specific set of responsibilities may need access to a mix of local and remote peripherals, while IT users may be concerned with utilizing a connection that maintains both their productivity <em>and <\/em>the actual owner of the remote desktop. The remote connection used needs to meet the needs of every user that will take advantage of it to be considered truly productive.<\/p>\n<h3>RDP<\/h3>\n<p>Microsoft\u2019s RDP has been around for years, providing a seamless desktop experience for remote users. It supports the ability to port over sound, disks, ports, and network printers over to the remote user.&nbsp; It also provides the ability to be remotely shadowed by support staff when using RDS.<\/p>\n<h3>Remote Access<\/h3>\n<p>I should note that the access to peripherals may be limited, depending on the RA solution, as the focus may be primarily on supporting an existing user remotely instead of trying to have a seamless remote experience. Some of the differentiating features for RA include recording the session, support for attended or unattended sessions (meaning the remote session is not interactive and seen by the logged-on user), chat functionality, and system management \u2013 all in addition to remote access to the desktop itself.<\/p>\n<h2>Security<\/h2>\n<p>All this accessibility and productivity is great \u2013 as long as it all exists within the context of maintaining the organization\u2019s security stance. There are a lot of aspects specifically about a remote connection that increase the risk of a successful attack, including the use of encryption, how authentication is handled, whether a brute force attack is possible, what kind of privileges are provided once connected, and how it fits into your larger security architecture (which is designed to provide greater security overall).<\/p>\n<h3>RDP<\/h3>\n<p>Microsoft has taken a lot of steps to make RDP access secure from a number of perspectives:<\/p>\n<ul>\n<li><strong>Authentication<\/strong> \u2013 Right off the bat, the user needs to authenticate with Active Directory or Azure AD. Adding multi-factor authentication (MFA) is possible but requires a separate installation and configuration (and may even require a third-party MFA solution). RDP does also support the use of smart card authentication via Remote Desktop Services.<\/li>\n<li><strong>Encrypted Channel<\/strong> \u2013 RDP supports a 56-bit or 128-bit encrypted channel.<\/li>\n<li><strong>Granular Access<\/strong> \u2013 It is possible to use the \u201cDeny log on through Remote Desktop Services\u201d group policy as a way to limit who can access RDP sessions. But, again, this means installing and configuring another solution.<\/li>\n<li><strong>Privileges<\/strong> \u2013 Your privileges are limited by the account you log on with. So, in the case of IT trying to provide support, they will need to use User Access Control with an account that has elevated privileges to do any administrative work.<\/li>\n<\/ul>\n<p>There is one unresolved risk with RDP: &nbsp;it requires that a port be open (TCP port 3389 by default) which cybercriminals scan for to identify paths of entry into a network.&nbsp; It should also be noted that simply changing the port doesn\u2019t make RDP more secure; cybercriminals are scanning <em>every <\/em>port and looking for an RDP response on the other end.&nbsp; So, no matter the port, they will find it, connect to it, and attempt to brute force a logon.<\/p>\n<h3>Remote Access<\/h3>\n<p>RA solutions have the upper hand here, often providing far more granularity around security options:<\/p>\n<ul>\n<li><strong>Authentication<\/strong> \u2013 Most RA solutions have a number of authentication options including passwords, integration with a Single Sign-On solution, support for the use of RADIUS services, smart cards, certificate, and MFA.<\/li>\n<li><strong>Encrypted Channel<\/strong> \u2013 Most provide better encryption; usually up to 256-bit.<\/li>\n<li><strong>Granular Access <\/strong>\u2013 While RDP has limited capabilities here, RA solutions take the opportunity to provide far more granular access through assigning which users can access which systems via the solution, by creating role based access definitions, and by restricting abilities when in the session (e.g., us of file transfer, whether they can control the remote keyboard and mouse, etc.),<\/li>\n<li><strong>Privileges<\/strong> \u2013 Some RA solutions can provide elevated credentials to be automatically provided during a session to allow support professionals to make administrative changes without having to give up the credential itself.<\/li>\n<\/ul>\n<h2>Is there a \u201cWinner\u201d?<\/h2>\n<p>Having remote access built-in with little-to-no configuration needed (as in the case of the basic RDP in Windows) is a great thing.&nbsp; It\u2019s empowered businesses to continue to function without spending a dime. However, RDP isn\u2019t without its limitations or issues.&nbsp; The question as to whether you should be considering a third-party RA solution really depends on whether you need the advanced capabilities, better security, and more granular control that RA solutions offer.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>As cybercriminals evolve their tactics based on how organizations are strengthening their cybersecurity positions, security experts at HP predict that remote access sessions will be the next vector.<\/p>\n","protected":false},"author":20,"featured_media":16053,"template":"","blog_category":[280,281,257],"class_list":["post-16045","blog","type-blog","status-publish","has-post-thumbnail","hentry","blog_category-featured","blog_category-remote-access","blog_category-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Remote Access \u201cSession Hijacking\u201d Predicted to Rise in 2023<\/title>\n<meta name=\"description\" content=\"Security experts at HP predict that remote access session hijacking will be the next vector when it comes to cyberattacks.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.realvnc.com\/en\/blog\/remote-access-session-hijacking-predicted-rise-2023\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Remote Access \u201cSession Hijacking\u201d Predicted to Rise in 2023\" \/>\n<meta property=\"og:description\" content=\"Security experts at HP predict that remote access session hijacking will be the next vector when it comes to cyberattacks.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.realvnc.com\/en\/blog\/remote-access-session-hijacking-predicted-rise-2023\/\" \/>\n<meta property=\"og:site_name\" content=\"RealVNC\u00ae\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/realvnc\" \/>\n<meta property=\"article:modified_time\" content=\"2024-02-19T16:54:50+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.realvnc.com\/wp-content\/uploads\/2023\/02\/Remote-access-session-hijacking.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1600\" \/>\n\t<meta property=\"og:image:height\" content=\"900\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@realvnc\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/blog\\\/remote-access-session-hijacking-predicted-rise-2023\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/blog\\\/remote-access-session-hijacking-predicted-rise-2023\\\/\"},\"author\":{\"name\":\"Nick Cavalancia, 4-time Microsoft MVP\",\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/#\\\/schema\\\/person\\\/01b6bf08521717030ba8b5904cbdfc49\"},\"headline\":\"Remote Access \u201cSession Hijacking\u201d Predicted to Rise in 2023\",\"datePublished\":\"2023-02-08T15:50:39+00:00\",\"dateModified\":\"2024-02-19T16:54:50+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/blog\\\/remote-access-session-hijacking-predicted-rise-2023\\\/\"},\"wordCount\":1612,\"publisher\":{\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/blog\\\/remote-access-session-hijacking-predicted-rise-2023\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.realvnc.com\\\/wp-content\\\/uploads\\\/2023\\\/02\\\/Remote-access-session-hijacking.jpg\",\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/blog\\\/remote-access-session-hijacking-predicted-rise-2023\\\/\",\"url\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/blog\\\/remote-access-session-hijacking-predicted-rise-2023\\\/\",\"name\":\"Remote Access \u201cSession Hijacking\u201d Predicted to Rise in 2023\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/blog\\\/remote-access-session-hijacking-predicted-rise-2023\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/blog\\\/remote-access-session-hijacking-predicted-rise-2023\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.realvnc.com\\\/wp-content\\\/uploads\\\/2023\\\/02\\\/Remote-access-session-hijacking.jpg\",\"datePublished\":\"2023-02-08T15:50:39+00:00\",\"dateModified\":\"2024-02-19T16:54:50+00:00\",\"description\":\"Security experts at HP predict that remote access session hijacking will be the next vector when it comes to cyberattacks.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/blog\\\/remote-access-session-hijacking-predicted-rise-2023\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.realvnc.com\\\/en\\\/blog\\\/remote-access-session-hijacking-predicted-rise-2023\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/blog\\\/remote-access-session-hijacking-predicted-rise-2023\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.realvnc.com\\\/wp-content\\\/uploads\\\/2023\\\/02\\\/Remote-access-session-hijacking.jpg\",\"contentUrl\":\"https:\\\/\\\/www.realvnc.com\\\/wp-content\\\/uploads\\\/2023\\\/02\\\/Remote-access-session-hijacking.jpg\",\"width\":1600,\"height\":900,\"caption\":\"Remote access session hijacking\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/blog\\\/remote-access-session-hijacking-predicted-rise-2023\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Blogs\",\"item\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Remote Access \u201cSession Hijacking\u201d Predicted to Rise in 2023\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/\",\"name\":\"RealVNC\u00ae\",\"description\":\"The world&#039;s safest remote access software\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/#organization\",\"name\":\"RealVNC\u00ae\",\"url\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.realvnc.com\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/realvnc-logo-blue.png\",\"contentUrl\":\"https:\\\/\\\/www.realvnc.com\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/realvnc-logo-blue.png\",\"width\":300,\"height\":41,\"caption\":\"RealVNC\u00ae\"},\"image\":{\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/realvnc\",\"https:\\\/\\\/x.com\\\/realvnc\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/realvnc\\\/\",\"https:\\\/\\\/www.youtube.com\\\/RealVNCLtd\",\"https:\\\/\\\/en.wikipedia.org\\\/wiki\\\/RealVNC\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.realvnc.com\\\/en\\\/#\\\/schema\\\/person\\\/01b6bf08521717030ba8b5904cbdfc49\",\"name\":\"Nick Cavalancia, 4-time Microsoft MVP\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/39ee2c0e6e815f082b788d1724827f4153716df8f8013fbe03f24ab73c6e4b89?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/39ee2c0e6e815f082b788d1724827f4153716df8f8013fbe03f24ab73c6e4b89?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/39ee2c0e6e815f082b788d1724827f4153716df8f8013fbe03f24ab73c6e4b89?s=96&d=mm&r=g\",\"caption\":\"Nick Cavalancia, 4-time Microsoft MVP\"},\"description\":\"Nick Cavalancia is a four-time Microsoft MVP, has over 28 years of enterprise IT experience, is an accomplished consultant, speaker, trainer, writer, and columnist, and has achieved industry certifications including MCSE, MCT, Master CNE, and Master CNI. He has authored, co-authored and contributed to dozens of books on various technologies. Nick regularly speaks, writes and blogs for some of the most recognized tech companies today on topics including cybersecurity, cloud adoption, business continuity, and compliance.\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Remote Access \u201cSession Hijacking\u201d Predicted to Rise in 2023","description":"Security experts at HP predict that remote access session hijacking will be the next vector when it comes to cyberattacks.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.realvnc.com\/en\/blog\/remote-access-session-hijacking-predicted-rise-2023\/","og_locale":"en_US","og_type":"article","og_title":"Remote Access \u201cSession Hijacking\u201d Predicted to Rise in 2023","og_description":"Security experts at HP predict that remote access session hijacking will be the next vector when it comes to cyberattacks.","og_url":"https:\/\/www.realvnc.com\/en\/blog\/remote-access-session-hijacking-predicted-rise-2023\/","og_site_name":"RealVNC\u00ae","article_publisher":"https:\/\/www.facebook.com\/realvnc","article_modified_time":"2024-02-19T16:54:50+00:00","og_image":[{"width":1600,"height":900,"url":"https:\/\/www.realvnc.com\/wp-content\/uploads\/2023\/02\/Remote-access-session-hijacking.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_site":"@realvnc","twitter_misc":{"Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.realvnc.com\/en\/blog\/remote-access-session-hijacking-predicted-rise-2023\/#article","isPartOf":{"@id":"https:\/\/www.realvnc.com\/en\/blog\/remote-access-session-hijacking-predicted-rise-2023\/"},"author":{"name":"Nick Cavalancia, 4-time Microsoft MVP","@id":"https:\/\/www.realvnc.com\/en\/#\/schema\/person\/01b6bf08521717030ba8b5904cbdfc49"},"headline":"Remote Access \u201cSession Hijacking\u201d Predicted to Rise in 2023","datePublished":"2023-02-08T15:50:39+00:00","dateModified":"2024-02-19T16:54:50+00:00","mainEntityOfPage":{"@id":"https:\/\/www.realvnc.com\/en\/blog\/remote-access-session-hijacking-predicted-rise-2023\/"},"wordCount":1612,"publisher":{"@id":"https:\/\/www.realvnc.com\/en\/#organization"},"image":{"@id":"https:\/\/www.realvnc.com\/en\/blog\/remote-access-session-hijacking-predicted-rise-2023\/#primaryimage"},"thumbnailUrl":"https:\/\/www.realvnc.com\/wp-content\/uploads\/2023\/02\/Remote-access-session-hijacking.jpg","inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.realvnc.com\/en\/blog\/remote-access-session-hijacking-predicted-rise-2023\/","url":"https:\/\/www.realvnc.com\/en\/blog\/remote-access-session-hijacking-predicted-rise-2023\/","name":"Remote Access \u201cSession Hijacking\u201d Predicted to Rise in 2023","isPartOf":{"@id":"https:\/\/www.realvnc.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.realvnc.com\/en\/blog\/remote-access-session-hijacking-predicted-rise-2023\/#primaryimage"},"image":{"@id":"https:\/\/www.realvnc.com\/en\/blog\/remote-access-session-hijacking-predicted-rise-2023\/#primaryimage"},"thumbnailUrl":"https:\/\/www.realvnc.com\/wp-content\/uploads\/2023\/02\/Remote-access-session-hijacking.jpg","datePublished":"2023-02-08T15:50:39+00:00","dateModified":"2024-02-19T16:54:50+00:00","description":"Security experts at HP predict that remote access session hijacking will be the next vector when it comes to cyberattacks.","breadcrumb":{"@id":"https:\/\/www.realvnc.com\/en\/blog\/remote-access-session-hijacking-predicted-rise-2023\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.realvnc.com\/en\/blog\/remote-access-session-hijacking-predicted-rise-2023\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.realvnc.com\/en\/blog\/remote-access-session-hijacking-predicted-rise-2023\/#primaryimage","url":"https:\/\/www.realvnc.com\/wp-content\/uploads\/2023\/02\/Remote-access-session-hijacking.jpg","contentUrl":"https:\/\/www.realvnc.com\/wp-content\/uploads\/2023\/02\/Remote-access-session-hijacking.jpg","width":1600,"height":900,"caption":"Remote access session hijacking"},{"@type":"BreadcrumbList","@id":"https:\/\/www.realvnc.com\/en\/blog\/remote-access-session-hijacking-predicted-rise-2023\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.realvnc.com\/en\/"},{"@type":"ListItem","position":2,"name":"Blogs","item":"https:\/\/www.realvnc.com\/en\/blog\/"},{"@type":"ListItem","position":3,"name":"Remote Access \u201cSession Hijacking\u201d Predicted to Rise in 2023"}]},{"@type":"WebSite","@id":"https:\/\/www.realvnc.com\/en\/#website","url":"https:\/\/www.realvnc.com\/en\/","name":"RealVNC\u00ae","description":"The world&#039;s safest remote access software","publisher":{"@id":"https:\/\/www.realvnc.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.realvnc.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.realvnc.com\/en\/#organization","name":"RealVNC\u00ae","url":"https:\/\/www.realvnc.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.realvnc.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.realvnc.com\/wp-content\/uploads\/2023\/05\/realvnc-logo-blue.png","contentUrl":"https:\/\/www.realvnc.com\/wp-content\/uploads\/2023\/05\/realvnc-logo-blue.png","width":300,"height":41,"caption":"RealVNC\u00ae"},"image":{"@id":"https:\/\/www.realvnc.com\/en\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/realvnc","https:\/\/x.com\/realvnc","https:\/\/www.linkedin.com\/company\/realvnc\/","https:\/\/www.youtube.com\/RealVNCLtd","https:\/\/en.wikipedia.org\/wiki\/RealVNC"]},{"@type":"Person","@id":"https:\/\/www.realvnc.com\/en\/#\/schema\/person\/01b6bf08521717030ba8b5904cbdfc49","name":"Nick Cavalancia, 4-time Microsoft MVP","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/39ee2c0e6e815f082b788d1724827f4153716df8f8013fbe03f24ab73c6e4b89?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/39ee2c0e6e815f082b788d1724827f4153716df8f8013fbe03f24ab73c6e4b89?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/39ee2c0e6e815f082b788d1724827f4153716df8f8013fbe03f24ab73c6e4b89?s=96&d=mm&r=g","caption":"Nick Cavalancia, 4-time Microsoft MVP"},"description":"Nick Cavalancia is a four-time Microsoft MVP, has over 28 years of enterprise IT experience, is an accomplished consultant, speaker, trainer, writer, and columnist, and has achieved industry certifications including MCSE, MCT, Master CNE, and Master CNI. He has authored, co-authored and contributed to dozens of books on various technologies. Nick regularly speaks, writes and blogs for some of the most recognized tech companies today on topics including cybersecurity, cloud adoption, business continuity, and compliance."}]}},"_links":{"self":[{"href":"https:\/\/www.realvnc.com\/en\/wp-json\/wp\/v2\/blog\/16045","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.realvnc.com\/en\/wp-json\/wp\/v2\/blog"}],"about":[{"href":"https:\/\/www.realvnc.com\/en\/wp-json\/wp\/v2\/types\/blog"}],"author":[{"embeddable":true,"href":"https:\/\/www.realvnc.com\/en\/wp-json\/wp\/v2\/users\/20"}],"version-history":[{"count":0,"href":"https:\/\/www.realvnc.com\/en\/wp-json\/wp\/v2\/blog\/16045\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.realvnc.com\/en\/wp-json\/wp\/v2\/media\/16053"}],"wp:attachment":[{"href":"https:\/\/www.realvnc.com\/en\/wp-json\/wp\/v2\/media?parent=16045"}],"wp:term":[{"taxonomy":"blog_category","embeddable":true,"href":"https:\/\/www.realvnc.com\/en\/wp-json\/wp\/v2\/blog_category?post=16045"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}