On June 4, 2019, the National Security Agency (NSA) sent out a Cybersecurity Advisory to urge Microsoft Windows users and administrators to ensure that they are using a patched and updated system in the face of growing threats. There is a flaw in the Windows operating system that could cause widespread havoc without user intervention.
The flaw is called “BlueKeep,” and is the type of vulnerability that malicious cyber attackers could exploit through the use of software code that specifically targets the vulnerability. This software could be in the form of a virus, malware, or ransomware – and it could happen by simply having the computer turned on.
The NSA urges everyone to invest the time and resources to know your network and run supported operating systems with the latest patches. Updating systems helps to protect computer users from these kinds of cyber-attacks. There are millions of machines that are still using Windows 7, Windows XP, Windows Vista, Windows Server 2003, Windows Server 2008 and Windows Server 2008 R2, that all have this vulnerability. Although Microsoft has issued a patch, there are machines that have not been updated.
In addition to updating systems, here are a few additional measures that can be taken:
- Block TCP Port 3389 at your firewalls, especially any perimeter firewalls exposed to the internet. This port is used in RDP protocol and will block attempts to establish a connection.
- Enable Network Level Authentication. This security improvement requires attackers to have valid credentials to perform remote code authentication.
- Disable remote Desktop Services if they are not required. Disabling unused and unneeded services helps reduce exposure to security vulnerabilities.
- Contact your Managed IT provider to verify that your computer network is properly protected against BlueKeep and other types of attack.
Founded in 2003, ELIJAH is a multi-award-winning leader in providing expert digital forensic, data security solutions, and managed IT. ELIJAH is owned and managed by former litigation partners and is an efficient boutique digital forensic, cybersecurity and IT solutions provider that makes clients’ lives easier through effective communication and white glove service. For additional information, please visit https://www.elijaht.com or call 866-354-5240.