DICT: Ransomware targets Microsoft users

  • May 18, 2017

MASBATE CITY, May 18 (PIA)—The Department of Information and Communications Technology (DICT) has confirmed that a global ransomware attack is “currently in progress."

 

In a press statement, Information and Communications Technology Secretary Rodolfo A. Salalima said the sophisticated ransomware, known as WannaCrypt or ‘Wanna Decryptor’ exploits a vulnerability in Microsoft’s Windows operating system.

 

“This malware is designed to spread laterally on a network by gaining unauthorized access to the IPC$ share on network resources on the network on which it is operating,” Salalima said.

 

“It is also believed that this ransomware is spread through phishing emails, malicious adverts on websites, and questionable apps and programs. Users are advised to be extremely cautious in their online activities,” he added.

 

 The DICT also issued the following tips to protect computers from this malicious program:
 

 

  • Enable strong spam filters to prevent phishing e-mails from reaching the end users and authenticate in-bound e-mail using technologies like Sender Policy Framework (SPF), Domain Message Authentication Reporting and Conformance (DMARC), and DomainKeys Identified Mail (DKIM) to prevent e-mail spoofing.

 

  • Scan all incoming and outgoing e-mails to detect threats and filter executable files from reaching the end users.

 

  • Ensure anti-virus and anti-malware solutions are set to automatically conduct regular scans.

 

  • Manage the use of privileged accounts. Implement the principle of least privilege. No users should be assigned administrative access unless absolutely needed. Those with a need for administrator accounts should only use them when necessary.

 

  • Configure access controls including file, directory, and network share permissions with least privilege in mind. If a user only needs to read specific files, they should not have write access to those files, directories, or shares.

 

  • Disable macro scripts from Microsoft Office files transmitted via e-mail. Consider using Office Viewer software to open Microsoft Office files transmitted via e-mail instead of full Office suite applications.

 

  • Develop, institute and practice employee education programs for identifying scams, malicious links, and attempted social engineering.

 

  • Have regular penetration tests run against the network. No less than once a year. Ideally, as often as possible/practical.

 

  • Test your backups to ensure they work correctly upon use.

 

In case your computer has been infected, the DICT issued these instructions:

 

  • Contact the Philippines National Computer Emergency Response Team (NCERT) of the DICT and CICC for law enforcement escalation. Contact the NCERT / CICC upon discovery to report an intrusion and request assistance. Maintain and provide relevant logs.

 

  • Implement your security incident response and business continuity plan. Ideally, organizations should ensure they have appropriate backups so their response is simply to restore the data from a known clean backup.

 

To foil lurking ransomwares, the DICT issued these precautionary measures:

 

  • Ensure anti-virus software is up-to-date.

 

  • Implement a data back-up and recovery plan to maintain copies of sensitive or proprietary data in a separate and secure location. Backup copies of sensitive data should not be readily accessible from local networks.

 

  • Scrutinize links contained in e-mails, and do not open attachments included in unsolicited e-mails.

 

  • Only download software – especially free software – from sites you know and trust.

 

  • Enable automated patches for your operating system and Web browser.

 

The DICT advised computer users to bring IT problem like this to the attention of the DICT. It may be reached at telephone numbers 920-0101, local 1200 or email to helpdesk@cicc.gov.ph.  One can also visit https://www.facebook.com/CICC.PH. (PR/DICT)


Other News

PNP, water district sign MOA to protect Isarog watershed in Bicol
  • August 17, 2017
NAGA CITY, Aug. 16 (PIA) – With its mandate to protect, manage, develop and conserve the Mt. Isarog Natural Park (MINP) in Camarines Sur, the Metro Naga Water District (MNWD) had the Naga City Police Station as its newest stakeholder in the collaboration to protect and conserve the MINP. On Aug. 7, the Naga police and the MNWD signed a memorandum of agreement (MOA) to firm up the cooperation and collaboration between the two entities.   MNWD Board Chairman Jorge T. Palma said the MOA intends to address the protection, conservation and rehabilitation of a portion of the MINP wate...Read more
Surigao delegates join global waste management confab in Bangkok
  • August 17, 2017
SURIGAO CITY, Surigao del Norte, Aug. 17 (PIA) – In an effort to gain insights and learn best practices of proper waste management abroad, Governor Sol F. Matugas led the Surigao del Norte delegation who participated in the Global Waste Management Conference 2017 in Bangkok, Thailand last August 1-2. With the theme, “Building Sustainability in an Urbanized World through Strategic Waste Management,” the International Global Waste Management Conference 2017 is the first in Asia, designed to provide a platform to address the rising issues in relation to the negative impacts of waste on h...Read more
DepEd School Building Program: A Briefer
  • August 17, 2017
PASIG CITY, Aug. 17 -- On par with the President’s directive to “Build, Build, Build”, the Department of Education (DepEd) has entered into a Memorandum of Agreement with the Department of Public Works and Highways (DPWH) to outline the strategy for the implementation of the Basic Education Facilities Fund (BEFF).   Part of the agreement was for DepEd and DPWH to jointly conduct the validation of proposed school building to determine: a) buildable spaces, b) classroom building types, and c) actual project costs. An important part of this strategy is the conduct of geo-technical...Read more
Congressman Bordado highlights achievements in State of the District Address
  • August 17, 2017
NAGA CITY, Aug. 17 (PIA) –Camarines Sur Rep. Gabriel H. Bordado Jr. (third district) delivered the first ever State of the District Address last Saturday, Aug. 12, at the Eurotel Convention Center here.   Before a well-attended gathering of local officials and civil society leaders in his district, Bordado presented a summary of his accomplishments for July 2016  to July 2017.   For his legislative work, Bordado had a perfect attendance during sessions in Congress where he was present 97 times in 97 session days.  He also authored and co-authored 93 Bills, made five manife...Read more