What is VNC and why should I be concerned?
VNC is a system that enables a user to remotely control another computer. Having a VNC service directly visible and accessible from the Internet can make an organisation extremely vulnerable to cyber-attack.
How do I resolve this?
VNC services should instead be hidden behind a firewall and/or VPN, or similar action taken, to prevent unwanted access or intrusion that could later be used to reach the internal network, whether via connecting devices or an accidental connection onto the core network. If placing these services behind a firewall/VPN, only a narrow set of allow-listed services should be permitted to connect. If you do this, KYND will mark the issue as resolved.
If this isn’t possible, you should take alternative steps to mitigate the issue.
This could include adding extra layers of authentication, such as MFA or PKI certificates, to ensure that only authenticated users and services are able to connect.
If none of these are possible, then these services should be entirely separated from the rest of your organisation's infrastructure, ensuring that there is no way an attacker could traverse from an attack on this service to gain access to sensitive data, services, networks or infrastructure.
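To confirm that a firewall/VPN change like the one described above has taken effect, the following added example (not KYND's own tooling) checks whether a host you operate still answers with the RFB handshake that VNC servers send on connect. It assumes the default VNC ports 5900 to 5903 and is intended to be run from a machine outside your network; the function names are hypothetical.

```python
import socket
import sys

# Assumption: VNC (RFB) listens on 5900 + display number; displays 0-3 checked here.
VNC_PORTS = range(5900, 5904)

def is_rfb_banner(data: bytes) -> bool:
    """True if data is an RFB ProtocolVersion message such as b'RFB 003.008\\n'."""
    return (len(data) == 12 and data[:4] == b"RFB " and data[4:7].isdigit()
            and data[7:8] == b"." and data[8:11].isdigit() and data[11:] == b"\n")

def probe(host: str, port: int, timeout: float = 3.0) -> str:
    """Classify one port as 'exposed', 'open' (not RFB) or 'blocked'."""
    data = b""
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            try:
                while len(data) < 12:          # the server speaks first in RFB
                    chunk = sock.recv(12 - len(data))
                    if not chunk:
                        break
                    data += chunk
            except OSError:                    # read timeout or reset: no banner
                pass
    except OSError:                            # refused, filtered or unreachable
        return "blocked"
    return "exposed" if is_rfb_banner(data) else "open"

def audit(host: str, ports=VNC_PORTS) -> dict:
    """Return {port: status} for every port checked on host."""
    return {port: probe(host, port) for port in ports}

if __name__ == "__main__":
    # Usage: python check_vnc.py <host you operate> ...
    failed = False
    for host in sys.argv[1:]:
        for port, status in audit(host).items():
            print(f"{host}:{port} {status}")
            failed |= status == "exposed"
    sys.exit(1 if failed else 0)
```

A result of `open` means something other than VNC answered on that port, which is still worth reviewing against the allow-list.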