Subscribe Us

header ads

DICT Monitors New Petya Ransomware


Last May 2017, the world expererience a massive cyberattack wave caused by the WannaCry Ransomware. It affected 300,000 organizations globally and caused damage to corporate, government, academic and personal systems.

Another ransomware has caused damage starting last June 27,m2017. It is called Petya and has also caused damage in more than 60 countries.

The Department of Information and Communications Technology (DICT) is closely nt monitoring the most recent cyberattack in the world’s systems. The DICT has yet to receive reports of any disruptions being experienced in the country. 

The DICT is coordinating closely with professionals, experts and industry specialists with regards to addressing the issues and concerns that might be caused by the Petya ransomware. DICT Assistant Secretary Allan Cabanlong who is in charge of the department’s cyber security and enabling technologies disclosed the efforts being made and has also gained insights and information just coming from a meeting of global cybersecurity specialists in Germany. 

The pattern of the Petya ransomware follows the WannaCry  method wherein fules are encrypted and payment for releasing the encrypted files are demanded using bitcoin as ransom payment.

“This is about the meeting of cybersecurity experts around the world at the George C. Marshall Center for European Security Studies of which I am an Alumnus. Called Communities of Interests, we are evaluating strategies for the right understanding and implementation of cybersecurity in the field of defense and cybercrime,” Cabanlong said. 

Cabanlong emphasized that cybersecurity systems are  critical component  in all systems since there are vulnerabilities that can be exploited by the malware infecting computers worldwide.

The DICT has already issued a memorandum to all concerned agencies and private institutions about the current systems infection and possible countermeasures.

The DICT released an advisory that using patches for Windows OS can be used so that it will  disable the server message block file-sharing protocol and the Widows management instrumentation command line.

“Petya ransomware encrypts systems after rebooting the computer. If your system is infected with Petya ransomware and it tries to restart, just do not power it back on,” as stated in the advisory

To prevent being infected do the following steps:

Step 1: Patch your Windows system/s. Look for your version on the list.
https://technet.microsoft.com/…/libr…/security/ms17-010.aspx



Step 2: Disable SMBv1 file-sharing protocol.
http://www.thewindowsclub.com/disable-smb1-windows



Step 3: Disable WMIC (Windows Management Instrumentation Command-line)
https://msdn.microsoft.com/e…/library/aa826517(v=vs.85).aspx

Posted 7/5/2017 1:30 PM

Post a Comment

0 Comments