In order to anticipate security vulnerabilities and the increasing number of cyber incidents in the central and regional government environments, the National Cyber and Crypto Agency has issued a security appeal regarding Windows Remote Desktop Service Execute Malicious Code.
Appeal!
Update the Operating System Regularly, Perform Windows Operating System Updates Routinely to Ensure All the Latest Security Patches are Installed.
Use the Latest Endpoint Protection, Ensure the Device is Equipped with Endpoint Protection That Can Detect and Prevent Exploitation Attempts in Real-Time.
Avoid Accessing Known/Unclear Origins, Unknown Do Not Make Remote Desktop Connections to Unknown or Suspicious Servers.
Use a Secure Network, Ensure Connected to a Trusted Network When Using Remote Desktop.
Enable Network Level Authentication (Nla), Ensure Nla is Active When Using Remote Desktop to Add a Layer of Authentication Before the Connection is Connected.
Beware of Suspicious Activity, Report Any Unusual Activity Immediately, Such as Active Remote Desktop Sessions Without the User’s Knowledge.
Do Not Share Credentials, Avoid Sharing Usernames and Passwords for Remote Desktop Access, Even with Fellow Employees.
