{"id":32314,"date":"2024-02-05T14:12:54","date_gmt":"2024-02-05T14:12:54","guid":{"rendered":"https:\/\/www.realvnc.com\/en\/?post_type=blog&p=32314"},"modified":"2024-02-05T16:34:58","modified_gmt":"2024-02-05T16:34:58","slug":"anydesk-security-breach","status":"publish","type":"blog","link":"https:\/\/www.realvnc.com\/en\/blog\/anydesk-security-breach\/","title":{"rendered":"AnyDesk security breach is a stark reminder of the imperative for truly secure remote access"},"content":{"rendered":"\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

AnyDesk has announced that, following a security audit, they found their production systems have been compromised. Here\u2019s what this should tell you about why a truly secure remote access solution is an imperative.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t

The AnyDesk breach: What do we know so far?<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

According to an incident response by AnyDesk<\/a>, a security audit found some of the company’s systems have been compromised. The incident is said to not be related to ransomware.<\/p>

AnyDesk has downplayed the incident, claiming that the situation is under control. However, users have been urged to reset their passwords if also used elsewhere. The timing of maintenance in the days before the public announcement, as well as the late Friday afternoon press release from AnyDesk, would indicate that the breach occurred several days before public acknowledgment was given.<\/p>

BleepingComputer<\/a> has discovered that the attackers stole source code and private code signing keys.<\/p>

To make things even worse, a recent report from Resecurity suggests that AnyDesk user credentials have made their way onto the Dark Web<\/a>.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t

Why should you take the AnyDesk attack seriously?<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

If you’re an AnyDesk user, you should take this news very seriously. And even if you’re using another remote access solution, this needs to make you challenge its security credentials.<\/p>

Unfortunately, this is not the first time that something like this has happened. As we said at the time of the GoTo security incident<\/a>, when security is not the first priority, customers are the ones who end up suffering.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t

RealVNC: The commitment to security<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

At RealVNC, security is at the heart of everything we do. We do our best to mitigate such risks, and to keep your data as secure as possible. Here are some of the things we do to make sure that your data never ends up in the wrong hands.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t

RealVNC's ISO27001 certification: managing data security risks<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Our security experts understand the implications of stringent security requirements.<\/p>

Our ISO27001 certification<\/a> is our commitment to uphold the highest standards of information security management. When we say that our systems are fortified, we are not speaking lightly. This certification means we engage in continuous risk assessment, employ comprehensive security controls throughout all areas of operations in our company, and ensure that our staff is trained in best practices for information security.<\/p>

What sets an ISO27001 certified provider apart in today\u2019s digital landscape? It shows that we have a proactive approach to data protection throughout the entire company. We don’t just respond to threats; we anticipate them and prepare for them.<\/p>

If your remote access provider doesn’t have this certification, question them on it!<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t

RealVNC's fundamental security principles<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Our security principles<\/a> are essential to the service we provide to you. They ensure that your data is as secure as possible, at all times:<\/p>