The Department of Migrant Workers (DMW) in the Philippines recently suffered from a ransomware attack, which temporarily suspended its online services. The agency assured that OFW databases were not compromised, as it collaborated with the Department of Information and Communications Technology (DICT) to restore its service.
Increasing cyber attacks
Patrick Tiquet, VP of Security and Compliance at Keeper Security, said this incident is not isolated.
“Government agencies, and the organisations that work with them, often hold vast amounts of sensitive data and provide critical services, making them lucrative targets for cybercriminals seeking financial gain through ransom or the sale of stolen data,” Tiquet said.
“Southeast Asian government networks have been the target of a recent wave of ransomware attacks. Good ransomware mitigation practices will require the organisation to address the factors of people, technology, and processes, added Kelvin Lim, senior director of Security Engineering at Synopsys Software Integrity Group.
Combatting threats
“Adopting a zero-trust security model in conjunction with least-privilege access, Role-Based Access Controls (RBAC), a Single Sign-On (SSO) solution, and appropriate password security can greatly decrease the likelihood of a successful cyber attack and stymie the threat actor’s access. Companies should also have security event monitoring to promptly detect and respond to potential threats, implement regular system backups, establish comprehensive incident response plans, and ensure that all staff receive thorough training in basic cybersecurity practices. Simple measures like keeping software up-to-date, using strong passwords, and mandating Multi-Factor Authentication (MFA) can go a long way in preventing attacks,” Tiquet said.
Meanwhile, Lim underscored the importance of data backup, encryption, user education, application security, and software updates. He also reminded organisations to deploy email filtering, access control, network segmentation, monitoring, and security audits.
“Regular security audits are necessary to identify any lapses in the systems, network, and processes,” he said.
