Metro Manila (CNN Philippines, May 16) — Officials said the cyber-attack that took over computer systems in around 150 countries has not been reported in the Philippines yet, but netizens still have to be cautious.
Last Friday, some 230,000 computers were affected by the computer worm known as “WannaCrypt” or “WannaCry,” which hides in email messages, attachments, links, and applications.
Once in action, the malware encrypts all the information in the infected computer system, only to be decrypted upon payment of $300 to $600 (around ₱15,000 to ₱30,000) in Bitcoins to the hackers.
READ: Researchers find possible North Korea link to massive cyberattack
Department of Information and Communications (DICT) Assistant Secretary for Cybersecurity Allan Cabanlong said the so-called “ransomware” has not been reported in the Philippines yet.
“We had a meeting with the joint cybersecurity working group, together with other industries of the Philippines here like BPO (business process outsourcing), like the banks, like the telcos – Smart-PLDT, Globe was there,” Cabanlong said.
The country’s major telcos said they have not been attacked by the malware.
“WannaCrypt” preys on computers running on dated versions of Microsoft Windows, including Windows XP, Windows 8, and Windows Server 2003.
“Those who are running our free antivirus software or have Windows Update enabled are protected. Given the potential impact to customers and their businesses, we have also released updates for Windows XP, Windows 8, and Windows Server 2003,” Microsoft said in its statement.
The tech giant added those who installed the March 2017 updates for Windows Vista, Windows 7, Windows Server 2008 R2, Windows 8.1, Windows Server 2012, Windows 10, Windows Server 2012 R2, and Windows Server 2016 are already protected.
Meanwhile, the DICT said it has no infrastructure in place yet to shield the country from an attack, so everyone must take precautions.
Cabanlong offered some advice on how users may protect their computer systems from getting infected by the malware.
“Sa ngayon pa lang, back-up their files. Import the files. Update your Windows OS (operating system). Don’t click anything sa email na hindi niyo alam kung saan nanggaling, especially those emails na asking you to click some URLs. Verify the sender, kung talaga bang galing ito sa totoong sender,” Cabanlong said.
[Translation: For now, back-up their files, import the files. Update your Windows OS. Don’t click anything in emails from unknown senders, especially those asking you to click some URLs. Verify the sender, if they are legitimate.]
The DICT has begun working on its “National Cybersecurity Plan 2022,” which is aimed to protect government networks, business supply chains, and individuals from cyber-attacks.
However, the Department is yet to secure the 2-billion peso budget they need to carry out the plan over the next three years.
READ: Gov’t to invest P2B for national cybersecurity
While the government still does not have the capacity to protect the entire nation from cyber-attacks, an information technology expert said netizens must work on their own protection.
“In the case of WannaCry, if for example you’ve failed to apply patches, or you don’t have an upgraded software, then you’re vulnerable, okay? What can be done today? Disconnect from the Internet. If you’ve not been hit yet, disconnect from the Internet. Let it cool down,” said Lito Aviera of the Philippine Computer Emergency Response Team.
He added it is likely that computer systems in the Philippines have already been infected, but are not being reported.
“There may have been victims already but they choose not to disclose it because it might tarnish their reputation. So they’re just keeping quiet,” Aviera said.
The DICT also recommends for netizens to check the Cybercrime Investigation and Coordination Center’s Facebook page for relevant and accurate information.
