Secure the Remote Desktop Services (RDP) for Preventing Ransomware Attack!
Release Date: 9 Nov 2017 2626 Views
While the recent intrusion of an enterprise may have stolen the limelight, let us not forget about the spread of CrySIS/Dharma ransomware. HKCERT is aware of news reports that a school fell victim to infection yesterday, resulting in data being encrypted and inaccessible. In addition, between September and October, we received 18 infection cases.
As this ransomware mainly leverages Remote Desktop Services (RDP) for infection, HKCERT strongly advises users and organizations to secure the RDP in their servers and workstations. We have also issued a security bulletin to alert the public on how to handle and prevent the infection. For details, please visit: /my_url/en/alert/17102401
More comprehensive guidelines on hardening the RDP service can be found at: https://security.berkeley.edu/resources/best-practices-how-articles/securing-remote-desktop-rdp-system-administrators