HKCert
Security Blog

Secure the Remote Desktop Services (RDP) for Preventing Ransomware Attack!

Release Date: 09 / 11 / 2017
Last Update: 09 / 11 / 2017
While the recent intrusion of an enterprise may have stolen the limelight, let us not forget about the spread of CrySIS/Dharma ransomware. HKCERT is aware of news reports that a school fell victim to infection yesterday, resulting in data being encrypted and inaccessible. In addition, between September and October, we received 18 infection cases.
 
As this ransomware mainly leverages Remote Desktop Services (RDP) for infection, HKCERT strongly advises users and organizations to secure the RDP in their servers and workstations. We have also issued a security bulletin to alert the public on how to handle and prevent the infection. For details, please visit: https://www.hkcert.org/my_url/en/alert/17102401