DICT: Ransomware targets Microsoft users

  • May 18, 2017

MASBATE CITY, May 18 (PIA)—The Department of Information and Communications Technology (DICT) has confirmed that a global ransomware attack is “currently in progress."

 

In a press statement, Information and Communications Technology Secretary Rodolfo A. Salalima said the sophisticated ransomware, known as WannaCrypt or ‘Wanna Decryptor’ exploits a vulnerability in Microsoft’s Windows operating system.

 

“This malware is designed to spread laterally on a network by gaining unauthorized access to the IPC$ share on network resources on the network on which it is operating,” Salalima said.

 

“It is also believed that this ransomware is spread through phishing emails, malicious adverts on websites, and questionable apps and programs. Users are advised to be extremely cautious in their online activities,” he added.

 

 The DICT also issued the following tips to protect computers from this malicious program:
 

 

  • Enable strong spam filters to prevent phishing e-mails from reaching the end users and authenticate in-bound e-mail using technologies like Sender Policy Framework (SPF), Domain Message Authentication Reporting and Conformance (DMARC), and DomainKeys Identified Mail (DKIM) to prevent e-mail spoofing.

 

  • Scan all incoming and outgoing e-mails to detect threats and filter executable files from reaching the end users.

 

  • Ensure anti-virus and anti-malware solutions are set to automatically conduct regular scans.

 

  • Manage the use of privileged accounts. Implement the principle of least privilege. No users should be assigned administrative access unless absolutely needed. Those with a need for administrator accounts should only use them when necessary.

 

  • Configure access controls including file, directory, and network share permissions with least privilege in mind. If a user only needs to read specific files, they should not have write access to those files, directories, or shares.

 

  • Disable macro scripts from Microsoft Office files transmitted via e-mail. Consider using Office Viewer software to open Microsoft Office files transmitted via e-mail instead of full Office suite applications.

 

  • Develop, institute and practice employee education programs for identifying scams, malicious links, and attempted social engineering.

 

  • Have regular penetration tests run against the network. No less than once a year. Ideally, as often as possible/practical.

 

  • Test your backups to ensure they work correctly upon use.

 

In case your computer has been infected, the DICT issued these instructions:

 

  • Contact the Philippines National Computer Emergency Response Team (NCERT) of the DICT and CICC for law enforcement escalation. Contact the NCERT / CICC upon discovery to report an intrusion and request assistance. Maintain and provide relevant logs.

 

  • Implement your security incident response and business continuity plan. Ideally, organizations should ensure they have appropriate backups so their response is simply to restore the data from a known clean backup.

 

To foil lurking ransomwares, the DICT issued these precautionary measures:

 

  • Ensure anti-virus software is up-to-date.

 

  • Implement a data back-up and recovery plan to maintain copies of sensitive or proprietary data in a separate and secure location. Backup copies of sensitive data should not be readily accessible from local networks.

 

  • Scrutinize links contained in e-mails, and do not open attachments included in unsolicited e-mails.

 

  • Only download software – especially free software – from sites you know and trust.

 

  • Enable automated patches for your operating system and Web browser.

 

The DICT advised computer users to bring IT problem like this to the attention of the DICT. It may be reached at telephone numbers 920-0101, local 1200 or email to helpdesk@cicc.gov.ph.  One can also visit https://www.facebook.com/CICC.PH. (PR/DICT)


Other News

President Duterte arrives in Russia for official visit
  • May 24, 2017
MOSCOW, Russia, May 24 -- President Rodrigo Roa Duterte arrived here on Monday, May 22, for a four-day official visit which aims to further strengthen bilateral relations with Russia. The plane carrying President Duterte and his official delegation touched down at Vnukovo International Airport at 11:18 p.m. (Moscow time). Moscow is five hours behind Manila. The President was accompanied by Cabinet members led by Executive Secretary Salvador Medialdea, Foreign Affairs Secretary Alan Peter Cayetano, Finance Secretary Carlos Dominguez, Justice Secretary Vitaliano Aguirre, Agriculture Secret...Read more
Avail of DOLE’s job facilitation services
  • May 24, 2017
MANILA, May 24 -- Labor Secretary Silvestre H. Bello III encouraged jobseekers anew to make full use of the government’s employment facilitation services to ease unemployment and underemployment in the country. “We are bringing employment facilitation services closer to the public. Jobseekers may browse PhilJobNet, search for vacancies, and conveniently apply online. They may also look up the job fair schedules posted at the online portal and personally go to the job fairs in their areas,” Bello said.    PhilJobNet is the internet-based job and applicant matching system of the D...Read more
DPWH to complete P114-M bypass road project in Iloilo this year
  • May 24, 2017
MANILA, May 24 -- A new by-pass road would soon be serviceable to lessen the traffic congestion within the highly urbanized roads of Iloilo City, providing more convenient trip for local residents and tourists. The Department of Public Works and Highways (DPWH) Regional Office 6 is presently undertaking the construction of four lanes Nabitasan – San Rafael Bypass Road in the amount of P114.461-million to shorten the travel time from Iloilo City downtown area to Benigno S. Aquino, Jr. Avenue by ten (10) to fifteen (15) minutes. The project involves the construction of 834 lineal meters...Read more
DSWD allocates additional P1B for the twice-a-day feeding program for daycare children
  • May 24, 2017
 QUEZON CITY, May 24, (PIA) – The government through the Department of Social Welfare and Development (DSWD) has allocated an additional P1 B for the pilot implementation of twice-a-day feeding program for daycare (DC) children in 450 local government units (LGUs) nationwide through its Supplementary Feeding Program (SFP).    DSWD regularly implements a 120-day feeding program which provides hot meals once a day in all LGUs nationwide to ensure that daycare children are able to consume nutritious food for their well-being. Under the regular SFP, hot meals are provided to children en...Read more