Remote Desktop Protocol, or RDP, is a Microsoft remote access service that lets an administrator control a Windows system over the network as if they were sitting in front of it. It is common in business environments for support, troubleshooting, and managing servers and workstations.
RDP matters in cyber security because it can become a direct path into internal systems if it is exposed to the internet, protected by weak passwords, or paired with stolen credentials. Attackers use RDP for brute-force logins, password-spraying, and post-compromise lateral movement. In ransomware intrusions, a successful RDP login can give an operator interactive access for reconnaissance, disabling defenses, staging archives, and stealing data before encryption. Defenders reduce risk by restricting exposure, enforcing multi-factor authentication, using VPN or jump hosts, monitoring failed logons, and disabling unused remote access.
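
The failed-logon monitoring mentioned above can be sketched as follows. This is an added example, not part of the original entry. It separates brute-force from password-spraying sources using Windows Security event IDs 4625 (failed logon) and 4624 (successful logon). The sample records, thresholds, and function name are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: (timestamp, event_id, logon_type, account, source_ip).
# 4625 = failed logon, 4624 = successful logon; type 10 = RemoteInteractive,
# type 3 = Network (how failed RDP logons appear when NLA is enabled).
# Source addresses come from documentation ranges.
SAMPLE = (
    [(f"2024-05-01T02:00:{s:02d}", 4625, 3, "administrator", "203.0.113.7")
     for s in range(0, 24, 2)]
    + [("2024-05-01T02:00:30", 4624, 10, "administrator", "203.0.113.7")]
    + [(f"2024-05-01T03:10:{i:02d}", 4625, 3, f"user{i}", "198.51.100.9")
       for i in range(8)]
    + [("2024-05-01T09:00:00", 4625, 10, "alice", "192.0.2.20"),
       ("2024-05-01T09:00:20", 4624, 10, "alice", "192.0.2.20")]
)

def detect(events, window=timedelta(minutes=5), min_failures=8, spray_accounts=5):
    """Return {source_ip: set of findings}; thresholds are illustrative assumptions."""
    failures = defaultdict(list)   # source_ip -> [(time, account)] inside the window
    findings = defaultdict(set)
    for ts, event_id, logon_type, account, ip in sorted(events):
        if logon_type not in (3, 10):
            continue               # ignore local and service logons
        t = datetime.fromisoformat(ts)
        # Slide the window: drop failures older than `window` for this source.
        recent = [(ft, a) for ft, a in failures[ip] if t - ft <= window]
        failures[ip] = recent
        if event_id == 4625:
            recent.append((t, account.lower()))
            if len(recent) >= min_failures:
                accounts = {a for _, a in recent}
                # Many accounts from one source is spraying; few is brute force.
                kind = "password-spray" if len(accounts) >= spray_accounts else "brute-force"
                findings[ip].add(kind)
        elif event_id == 4624 and len(recent) >= min_failures:
            # A success right after a burst of failures deserves immediate triage.
            findings[ip].add("success-after-failures")
    return dict(findings)

if __name__ == "__main__":
    for ip, kinds in detect(SAMPLE).items():
        print(ip, sorted(kinds))
```

The single mistyped password from 192.0.2.20 produces no finding, which is the point of thresholding on a window rather than alerting on every 4625.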



