DICT: Ransomware targets Microsoft users

  • May 18, 2017

MASBATE CITY, May 18 (PIA)—The Department of Information and Communications Technology (DICT) has confirmed that a global ransomware attack is “currently in progress."

 

In a press statement, Information and Communications Technology Secretary Rodolfo A. Salalima said the sophisticated ransomware, known as WannaCrypt or ‘Wanna Decryptor’ exploits a vulnerability in Microsoft’s Windows operating system.

 

“This malware is designed to spread laterally on a network by gaining unauthorized access to the IPC$ share on network resources on the network on which it is operating,” Salalima said.

 

“It is also believed that this ransomware is spread through phishing emails, malicious adverts on websites, and questionable apps and programs. Users are advised to be extremely cautious in their online activities,” he added.

 

 The DICT also issued the following tips to protect computers from this malicious program:
 

 

  • Enable strong spam filters to prevent phishing e-mails from reaching the end users and authenticate in-bound e-mail using technologies like Sender Policy Framework (SPF), Domain Message Authentication Reporting and Conformance (DMARC), and DomainKeys Identified Mail (DKIM) to prevent e-mail spoofing.

 

  • Scan all incoming and outgoing e-mails to detect threats and filter executable files from reaching the end users.

 

  • Ensure anti-virus and anti-malware solutions are set to automatically conduct regular scans.

 

  • Manage the use of privileged accounts. Implement the principle of least privilege. No users should be assigned administrative access unless absolutely needed. Those with a need for administrator accounts should only use them when necessary.

 

  • Configure access controls including file, directory, and network share permissions with least privilege in mind. If a user only needs to read specific files, they should not have write access to those files, directories, or shares.

 

  • Disable macro scripts from Microsoft Office files transmitted via e-mail. Consider using Office Viewer software to open Microsoft Office files transmitted via e-mail instead of full Office suite applications.

 

  • Develop, institute and practice employee education programs for identifying scams, malicious links, and attempted social engineering.

 

  • Have regular penetration tests run against the network. No less than once a year. Ideally, as often as possible/practical.

 

  • Test your backups to ensure they work correctly upon use.

 

In case your computer has been infected, the DICT issued these instructions:

 

  • Contact the Philippines National Computer Emergency Response Team (NCERT) of the DICT and CICC for law enforcement escalation. Contact the NCERT / CICC upon discovery to report an intrusion and request assistance. Maintain and provide relevant logs.

 

  • Implement your security incident response and business continuity plan. Ideally, organizations should ensure they have appropriate backups so their response is simply to restore the data from a known clean backup.

 

To foil lurking ransomwares, the DICT issued these precautionary measures:

 

  • Ensure anti-virus software is up-to-date.

 

  • Implement a data back-up and recovery plan to maintain copies of sensitive or proprietary data in a separate and secure location. Backup copies of sensitive data should not be readily accessible from local networks.

 

  • Scrutinize links contained in e-mails, and do not open attachments included in unsolicited e-mails.

 

  • Only download software – especially free software – from sites you know and trust.

 

  • Enable automated patches for your operating system and Web browser.

 

The DICT advised computer users to bring IT problem like this to the attention of the DICT. It may be reached at telephone numbers 920-0101, local 1200 or email to helpdesk@cicc.gov.ph.  One can also visit https://www.facebook.com/CICC.PH. (PR/DICT)


Other News

NDRRMC rolls out Bida Ang Handa Campaign for the 2nd quarter nationwide EQ drill
  • June 27, 2017
MANILA, June 27 (PIA) -- The National Disaster Risk Reduction and Management Council (NDRRMC) through the Regional DRRM Councils will hold the 2nd Quarter Nationwide Simultaneous Earthquake Drill (NSED) on 29 June 2017, Thursday, 2PM at Bolton Street in Davao City as the ceremonial venue.   In line with this, OCD kicks off the Bida ang Handa Campaign which generally aims to promote disaster preparedness through public’s participation in the NSED. The main goal of the activity is to gather the maximum number of commitments via social media.   This campaign involves the participa...Read more
Roses for peace on Eid'l Ftr
  • June 27, 2017
BURU-UN, LANAO DEL NORTE – Roses for Peace on Eid'l  Fitr as intense gun battles continued to erupt in the heart of Marawi City, a celebration was taking place in the open grounds of the Iligan City National School of FIsheries which served as an evacuation center for civilians who fled the armed conflict. The mood was festive, as the more than 180 families who have been living in the evacuation center for a month commemorated Eid al-Fitr, or the end of the observance of Ramdhan. But what struck a sensitive chord among the hundreds of people gathered at the site was the excha...Read more
Vizcaya eyes more tourism projects
  • June 27, 2017
BAYOMBONG, Nueva Vizcaya, June 27 (PIA) – An official of the  tourism body here has vowed more tourism-related projects and activities to boost tourist arrivals in the province.   Former Governor Ruth Padilla, president of the Nueva Vizcaya Tourism Council, said they are now preparing the documents for the declaration of the Capissaan Cave System in Kasibu town, Mt. Palali in Bayombong town and Mt. Ugo in Kayapa town as protected areas through the Department of Environment and Natural Resources (DENR).     “These are some of our eco-tourism attractions that need to be pre...Read more
US Embassy, UP-IIS host ‘iftars’ in honor of Ramadan
  • June 27, 2017
BUTUAN CITY, June 27 (PIA) - In culmination of the holy month of Ramadan, the United States (U.S.) Embassy in the Philippines has partnered with the University of the Philippines (UP) Institute of Islamic Studies (IIS) in hosting two simultaneous iftar activities on Wednesday.  One at IIS in Quezon City and the other at the Santa Elena Evacuation Center in Iligan City serving 1,140 Marawi evacuees.  The two communities shared food and fellowship, and strengthened their resolve in solidarity with victims of the Marawi siege.   Following Maghrib, the sunset prayer, U.S. Embassy Deputy ...Read more