DICT urges companies not to pay for ransomware to avoid repeat attacks | #ransomware | #cybercrime

DICT seeks add’l P5.6 billion in 2024 national budget cybersecurity confidential funds logo secret

| PHOTO: Departmet of Information and Communications Technology official facebook page

MANILA, Philippines — Lest becoming repeat victims, companies should never pay ransom to creators of ransomware, according to Department of Information and Communications Technology Secretary Ivan Uy.

Uy made the reminder as he noted that those who give in to the hackers’ demands become victims of more attacks.

“Based on what have been observed worldwide, the moment these companies succumb and pay the ransom, then they are included by this criminal organization in the list of favorite ‘customers’,” Uy said in an ambush interview in a cybersecurity forum organized by Stratbase ADR and Canadian Embassy held at Manila Polo Club.

“This is a big lesson to companies. Do not ever pay ransom in any of these ransomware attacks. You will only open up your company to more attacks,” he added.

READ: Hackers attack PhilHealth’s website, systems

Ransomware is a type of malware that threatens to permanently block access to the victim’s files unless a ransom is paid.

Uy noted that cyber attacks like ransomware are very preventable but it still occurs “because some of the best practices are not being adhered to.”

He said that simply updating the antivirus and firewall could prevent ransomware attacks. Companies should also create a back-up of their files and system so they could have something to rely on even as ransomware encrypts the original files.

READ: PhilHealth spends P14M for new anti-virus system

“A lot of these are preventable if we practice cybersecurity standards. Unfortunately, a lot of the gaps we have seen is due to the lack of concern, lack of priority, lack of discipline on the part of our institutions, whether public and private, that cybersecurity and their information communication technology systems is something that needs to be strengthened, that needs to be protected,” Uy noted.

Last year, the website and online application of Philippine Health Insurance Corporation (Philhealth) became the victim of a ransomware attack. Services and transactions of the state insurer were done offline before its website was restored  several days later.

Blaming the attack on outdated antivirus software, Philhealth invested about P14 million for a new antivirus system.

Unlike foreign companies that pay up, Uy also noted that Philhealth did not pay the perpetrators of the ransomware attack.

Your subscription could not be saved. Please try again.

Your subscription has been successful.

“Kuripot tayo, hindi tayo nagbabayad ng ransom (we are stingy; we don’t pay ransom),” Uy said.

Source link

National Cyber Security