Beware of cyber attack, protect personal information

Release Date: 8 Nov 2017 3009 Views

HKCERT noticed there were reports that an enterprise was intruded by hackers and the customer data files were locked. The enterprise was ransomed by hackers via emails as well.

 

HKCERT reminds enterprises that, besides financial data, personal data is also a target of attackers. Enterprises are advised to secure their web servers, web applications and database servers properly.

 

Some of the common security measures include:

  1. Restrict access and protect web admin login page and system remote access services (such as RDP port 3389 and TeamViewer port 5938). Use 2-factor authentication if possible.
  2. Validate user supplied inputs in web applications.
  3. Separate the web and Database servers.
  4. Use web application firewall.
  5. Perform penetration testing and vulnerability scanning on a regular basis.
  6. Apply security patches in a timely manner, etc.

For more information, please refer to HKCERT security guideline: Guideline of Web Security.

Share with

Previous

Favourite Security Reads of the Week (3 Nov 2017)

3 Nov 2017 1674 Views

Next

Secure the Remote Desktop Services (RDP) for Preventing Ransomware Attack!

9 Nov 2017 3783 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY