The Department of Information and Communications Technology (DICT), through Secretary Rodolfo A Salalima and Assistant Secretary Allan S Cabanlong confirms that a global ransomware attack is currently in progress. The sophisticated ransomware, known as ‘Wanna Cry’ or ‘Wanna Decryptor’, exploits a vulnerability in Microsoft’s Windows operating system.
This malware is designed to spread laterally on a network by gaining unauthorized access to the IPC$ share on network resources on the network on which it is operating. It is also believed that this ransomware is spread through phishing emails, malicious adverts on websites, and questionable apps and programs. Users are advised to be extremely cautious in their online activities.
Precautionary measures to mitigate ransomware threats include:
1. Ensure anti-virus software is up-to-date.
2. Implement a data back-up and recovery plan to maintain copies of sensitive or proprietary data in a separate and secure location. Backup copies of sensitive data should not be readily accessible from local networks.
3. Scrutinize links contained in e-mails, and do not open attachments included in unsolicited e-mails.
4. Only download software – especially free software – from sites you know and trust.
5. Enable automated patches for your operating system and Web browser.
Furthermore, The DICT, through its Office for CyberSecurity and Enabling Technologies is currently looking for new innovative ways to do Isolation. Gone are the days of Traditional Isolation like segragation of networks – airgap. This technique is believed to help protect our system from cyber threats including ransomware.
For further information and support, please contact DICT at 920-0101 LOC 1200; email at firstname.lastname@example.org or visit @CICC.PH on Facebook and @CICC_PH on Twitter. Future updates will be provided as more information becomes available.