Misconfigured Windows RDP can cause many private data to be leaked by attackers.
RDP is a proprietary protocol developed by Microsoft that provides a user with a graphical interface to connect to another computer over a network connection. It has been a native OS feature since Windows XP. Most of the time, RDP is used for legitimate remote administration—when companies outsource IT, or remote admins have to access a server or a network users machine, they most commonly use RDP to connect to it.
One of the main risks associated with RDP comes when you allow external clients access to your network. The RDP protocol typically uses TCP port 3389. Attackers often find instances of this port open by scanning infrastructure exposed to the internet and using brute force to access open ports.