Protect Personal Information, Stay Away from Hackers
HKCERT noted another reported case in which an enterprise system was hacked, customer information was stolen and the hacker demanded a ransom.
- Encrypt data;
- Back up data regularly and ensure an offline backup is available;
- Apply server security patches regularly;
- Restrict access to authorized accounts and apply the principle of least privilege;
- Protect the administrator's login interface and system remote access services (such as RDP port 3389 and TeamViewer port 5938). It is recommended to use two-factor authentication to protect the connection;
- Use an application firewall to protect websites and database servers;
- Perform penetration tests and/or vulnerability scans periodically;
- Verify and validate user input in web applications;
- Place the web server and database server separately. The database server should be located on the internal network and accept access only from the internal network; and
- Protect intranet computers so that they do not become hackers' backdoors.
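
One way to check the remote-access and database placement items above on a host, as an added example that is not part of the original advisory: the script reads `netstat -an` style output and reports RDP (3389), TeamViewer (5938) or database listeners that are not confined to loopback or internal addresses. The database port 3306, the internal address ranges and the sample lines are assumptions constructed for illustration.

```python
import ipaddress

# Ports named in the advisory, plus one database port chosen as an assumption.
WATCHED = {3389: "RDP", 5938: "TeamViewer", 3306: "database (assumed port)"}
# Assumed internal address space; replace with the real network plan.
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
             "127.0.0.0/8", "::1/128")]

# Constructed sample in `netstat -an` layout (not captured from a real host).
SAMPLE = """\
  TCP    0.0.0.0:3389        0.0.0.0:0        LISTENING
  TCP    127.0.0.1:5938      0.0.0.0:0        LISTENING
  TCP    10.0.5.12:3306      0.0.0.0:0        LISTENING
  TCP    203.0.113.10:3306   0.0.0.0:0        LISTENING
  TCP    [::]:3389           [::]:0           LISTENING
  TCP    0.0.0.0:443         0.0.0.0:0        LISTENING
  TCP    10.0.5.12:50211     10.0.5.20:3389   ESTABLISHED
"""

def audit_listeners(netstat_text):
    """Return (service, bind_address, port, reason) for each risky listener."""
    findings = []
    for line in netstat_text.splitlines():
        fields = line.split()
        # Only listening TCP sockets matter; skip established connections.
        if len(fields) < 4 or fields[0] != "TCP" or fields[-1] != "LISTENING":
            continue
        host, _, port_text = fields[1].rpartition(":")
        if not port_text.isdigit() or int(port_text) not in WATCHED:
            continue
        try:
            addr = ipaddress.ip_address(host.strip("[]"))
        except ValueError:
            continue  # unparsable bind address: skip rather than guess
        if addr.is_unspecified:  # 0.0.0.0 or ::
            reason = "bound to all interfaces"
        elif not any(addr in net for net in INTERNAL):
            reason = "bound to a non-internal address"
        else:
            continue  # loopback or internal-only listener
        findings.append((WATCHED[int(port_text)], str(addr), int(port_text), reason))
    return findings

if __name__ == "__main__":
    for service, addr, port, reason in audit_listeners(SAMPLE):
        print(f"{service} listener on {addr}:{port} is {reason}")
```

A listener bound to all interfaces may still be filtered by a firewall, so each finding is a prompt to confirm that the service is reachable only from the internal network.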