Industry publication Data Breach Today reports hackers are increasingly exploiting weak Remote Desktop Protocol (RDP) credentials to launch ransomware attacks.

“Many enterprises use remote desktop protocol to remotely administer their PCs and mobile devices,” reports Executive Editor Mathew J. Schwartz. “But security experts warn that weak RDP credentials are in wide circulation on darknet marketplaces and increasingly used by ransomware attackers.” RDP credentials have long been used to launch distributed denial of service (DDoS) and malware attacks. Investigators recently found RDP credentials for sale for as little as $3.

To thwart hackers, experts told Data Breach Today, companies should use strong RDP passwords to stop brute-force attacks, keep an eye out for unusual network behavior and audit ports to prevent open and unsecured RDP or SSH ports.