The recent WannaCrypt ransomware outbreak (also known as WannaCry) is a stark reminder of the risks that we face in the digital world, but it also creates an opportunity for us to review the state of our security strategies. Like many tech companies, RealVNC takes security very seriously, whether developing safe software for our customers or protecting our own corporate infrastructure from hostile attacks. To these ends, we would like to highlight five areas of best practice that will help you to build a strong defense against current and future security threats.
- Install OS and application patches
WannaCrypt exploits a vulnerability in Server Message Block (SMB) file sharing protocol on Windows (CVE-2017-0145) to spread inside a network. This was patched in security bulletin MS17-010, which was released on March 14, 2017. Ensure you have an active patching strategy to keep your systems up-to-date with the latest vendor updates.
- Backup regularly
Ransomware like WannaCrypt encrypts your important files and demands a ransom for their release. Having an up-to-date backup to fall back on protects your valuable data and minimizes down time if you need to rebuild your computer system.
- Run Anti-Virus software
Running an up-to-date Anti-virus program ensures you are protected from the latest hostile agents. This protection should extend beyond your desktop clients. It is essential to have a security solution for mailboxes and networks in order to construct multiple layers of defense.
- Review firewall policies
Do not expose any services to the internet unless it is absolutely necessary. WannaCrypt spread via Windows SMB ports, so keep these closed to the Internet and review internal network segregation. In the case of our own software, VNC Connect does not need any incoming firewall ports open to create a connection. This allows remote administration of servers, without exposing your internal services.
- Deploy enhanced security
Although the initial infection vector for WannaCrypt is not yet known, brute force RDP logins are one possible attack vector. You can eliminate this access route with multi-factor authentication. VNC Connect supports many additional authentication types and blacklisting, to ensure your accounts are safe and only accessible by those who should have access.
The number of pernicious threats to our digital data from hostile and criminal agents is likely to increase, so it is up to all of us to be as well-prepared and vigilant as possible. You must protect your infrastructure and chose applications with the most robust security architectures. The best advice we can offer is to ensure you have a well-considered security strategy in place that allows you to react quickly and effectively.
You can learn more about the security architecture and resources of VNC Connect by visiting our security resource page at www.realvnc.com/connect/security.