Microsoft: RDP brute-force attacks last 2-3 days on average
A recent study by Microsoft provides insights into brute-force attacks targeting Remote Desktop Protocol (RDP) implementations in enterprise environments. Over the last few years, RDP brute-forcing has become a popular attack vector in ransomware and other malware campaigns.
By analyzing RDP-login events on 45,000 enterprise workstations, Microsoft found that the average RDP brute-force attack lasts between 2 and 3 days, and 90% of attacks last no more than one week. 0.08% of attacks are successful, which in this study came down to about 1 compromised machine per organization every 3-4 days.