HKCERT has noted reports that hackers intruded into an enterprise's systems and locked its customer data files. The hackers also sent ransom demands to the enterprise by email.
HKCERT reminds enterprises that, besides financial data, personal data is also a target of attackers. Enterprises are advised to secure their web servers, web applications and database servers properly.
Some of the common security measures include:
- Restrict access to, and protect, the web admin login page and system remote access services (such as RDP on port 3389 and TeamViewer on port 5938). Use 2-factor authentication if possible.
- Validate user supplied inputs in web applications.
- Separate the web and database servers.
- Use a web application firewall.
- Perform penetration testing and vulnerability scanning on a regular basis.
- Apply security patches in a timely manner, etc.
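
One way to check the first measure on a Windows host, as an added example that is not part of the HKCERT advisory: the Python sketch below reads text in the layout of `netstat -an` output and reports RDP (3389) or TeamViewer (5938) listeners bound to a non-loopback address. The sample output and the function names are constructed for illustration.

```python
import ipaddress

# Remote-access ports named in the advisory.
REMOTE_ACCESS_PORTS = {3389: "RDP", 5938: "TeamViewer"}

# Constructed sample in the layout of Windows `netstat -an` output.
SAMPLE_NETSTAT = """\
  TCP    0.0.0.0:443            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:5938         0.0.0.0:0              LISTENING
  TCP    [::]:3389              [::]:0                 LISTENING
  TCP    10.0.0.5:3389          10.0.0.9:50122         ESTABLISHED
"""


def split_endpoint(endpoint):
    """Split '0.0.0.0:3389' or '[::]:3389' into (host, port)."""
    host, _, port = endpoint.rpartition(":")
    host = host.strip("[]").split("%")[0]  # drop brackets and IPv6 zone id
    return host, int(port) if port.isdigit() else None


def exposed_remote_access(netstat_text):
    """Return (service, address, port) for each remote-access listener
    bound to anything other than a loopback address."""
    findings = []
    for line in netstat_text.splitlines():
        fields = line.split()
        # Only TCP sockets in the LISTENING state accept new logins.
        if len(fields) != 4 or fields[0] != "TCP" or fields[3] != "LISTENING":
            continue
        host, port = split_endpoint(fields[1])
        if port not in REMOTE_ACCESS_PORTS:
            continue
        try:
            if ipaddress.ip_address(host).is_loopback:
                continue  # reachable from the local machine only
        except ValueError:
            pass  # unparsable address: report it for manual review
        findings.append((REMOTE_ACCESS_PORTS[port], host, port))
    return findings


if __name__ == "__main__":
    for service, host, port in exposed_remote_access(SAMPLE_NETSTAT):
        print(f"{service} is listening on {host}:{port}")
```

A listener reported here is a candidate for review, not proof of exposure: whether it is reachable from outside still depends on the host and perimeter firewall rules.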
Are you well prepared to protect your company against ransomware?