Last Monday (15 May 2017), the Bangko Sentral ng Pilipinas (BSP) re-issued its guidelines on managing ransomware and other malware attacks due to the global WannaCry incident. Memorandum No. M-2017-018 was first issued on 8 February 2017.
The WannaCry attack affected more than 200,000 IT systems in at least 50 countries globally within a day of its launch on 12 May 2017. So far, no organisation in the Philippines has reported being hit by the ransomware.
The guidelines, re-issued by incoming BSP Governor Nestor Espenilla Jr., reminded all BSP-supervised financial institutions (BSFIs) in the country to "heighten their vigilance and ensure that robust protection against ransomware is in place."
BSFIs were advised to follow preventive measures, such as:
- Providing multiple security layers by implementing appropriate controls at the host, network, and endpoint to prevent and detect malicious code.
- Applying the "least privilege" principle, at a minimum, in granting access to all systems and services. This includes prohibiting the download and use of unauthorised files and software, as well as access to doubtful websites.
- Installing and updating anti-malware software. BSFIs should conduct periodic vulnerability scanning and ensure that they have effective patch management procedures for all critical systems and applications.
- Ensuring adequate back-up and recovery procedures are in place.
The BSP discourages BSFIs from paying or communicating with the attackers if their systems are infected, as doing so does not guarantee the release of the encrypted files. In addition, paying the ransom will only encourage cyber criminals' illicit activities, said Espenilla Jr.
Instead, the central bank told BSFIs to report ransomware and other cybercrimes to it.