Help desk
We are here to provide better KAIST IT experiences.Notice
[Security] A guide for preventing a ransomware attack via windows remote desktop
- Created 2018-12-13
- Writer Jin Hyoung, Kim
- Hit 3085
This is the security office of KAIST Information and communications. Recently, cyber attacks targetting PCs and servers in KAIST have occurred via Windows Remote Desktop and the attacker deployed ransomwares, so KAIST ICT is informing KAIST members below procedures in order to provent any losses;
1. Secure Remote Desktop Settings
1) Create and use a new administrative account which differs from an "administrator" account.
2) Create and use a strong password: see External Link (https://www.howtogeek.com/195430/how-to-create-a-strong-password-and-remember-it/)
3) Stay with your system Updated and refrain from using other remote desktop tools (VNC, etc.)
4) Remote Desktop Connection via the KAIST Vpn Service: External Link (https://kvpn.kaist.ac.kr)
5) How to check if hackers attempted getting access your system via remote desktop or not : See the attachment.
2. Protection from ransomware
1) Response to phishing mail : deletion of unsolicited mail and do not open the attachments.
2) Take advantage of the ransomware expert response solution :
- " Ransom Shield " by Altools which you can download from https://kftp.kaist.ac.kr)
3) Installing a vaccine program : install both V3 or alyac anti-virus program(If you want to install only one vaccine, it is recommended to install a Alyac)