Philhealth Cyber Attack: Recommended Steps To Prevent Ransomware

After the Philhealth Cyber Attack, agencies recommended steps to prevent the same incident

Philhealth Cyber Attack – Following the hackers’ effort to take over the site of the Philippine Health Insurance Corporation (PhilHealth),  the Department of Information and Communications Technology (DICT) recommended these steps to prevent the cyber attack.

Last Friday, Philhealth’s site was hacked by the Medusa ransomware group which demanded the insurance company to pay $300,000 (P17,063,850) in ransom money for the stolen data.

With this, the insurance company disabled access to all its systems, including the website, the member portal, the health care institution (HCI) portal, and the e-claims platform.

philhealth cyber attack
📷: Head Topic

Based on the report from Interaksyon, Philhealth assured that this situation was managed already. The insurance company stated that the members’ personal and medical information was not compromised or leaked.

While the restoration is being done to the affected system, Philhealth will continue its operations manually.

Following that cyber attack, DICT reminded government agencies to implement measures to prevent ransomware groups from accessing their sites. Here are the steps:

  • Backing up files, systems, processes, and other digital assets
  • Prohibiting the use of illegal software and unlicensed programs, especially those downloaded from the internet, in all government offices
  • Reviewing the access management policies of the organization, including the use of computers not issued by the government
  • Implementing a recovery plan to properly store multiple copies of sensitive or proprietary data in different secure locations

The Philippine National Police-Anti-Cybercrime Group (PNP-ACG) also released a post reminding the public what to do if a cyber attack is happening.

PNP-ACG spokesperson PCPT. Michelle Sabino advised the public to install anti-virus software and keep it up to date in order to prevent the cyber attack.

Ito yung magdedetect, sila yung pag nakita o merong attempt, ibo-block na nila. Pag nakita na nila na parang ransomware to, bago pa ma-infect yung system niyo, nadedetect na nila,” Sabino said.

She added that it is important that government employees should be trained about email security measures, domain name system (DNS), and web filtering services. Sabino also reminded the public to be careful in downloading applications.

For more updates, follow us on FacebookX (Twitter), and Instagram.

Leave a Comment