The recent onslaught of cybersecurity attacks against government agencies raises the need for regular assessment of their firewalls to shut bad threat actors out of their systems and keep sensitive information safe, according to Kaspersky.
Yeo Siang Tiong, general manager for Southeast Asia of the Russian cybersecurity company, said the government could remain on top of the matter by always checking their systems and evaluating potential risks that may infiltrate the networks.
“We recommend to do regular compromise assessment, to scan across the entire threat surface of the organization, and to do regular cyber exercise to rehearse the response mechanism, and establish clear roles and responsibility of the various teams,” he told the Inquirer.
The cybersecurity expert said government agencies must always remind their staff to only store sensitive data in trusted cloud storage that requires authentication for access.
This also serves as a reminder for employees using personal devices, which can be entry points for hackers, for work.
For the immediate response, Yeo said the first thing to always do is change passwords.
Then the hacked organizations must “assess the reach of the attack and implement a detection and response strategy,” he added.
Major attacks
The Department of Information and Communications Technology (DICT) has been recently dealing with major cyberattacks against government agencies. Earlier this month, it confirmed that 2 terabytes worth of Department of Science and Technology (DOST) data—including research plans, schematics and designs—had been compromised.
This resulted in DOST being locked out of their system, meaning they could not access the said data. The cyberattack was expected to delay the approval of pending patents and other DOST research and development initiatives, DICT Assistant Secretary Renato Paraiso said earlier.
Last week, the reporting system of the Bureau of Customs (BOC) was also targeted by cybercriminals.
The reporting system serves as a communication line among BOC units. The data that are potentially compromised include information about cargo movements being monitored by the government agency, Paraiso explained.
For both cases, the DICT has isolated infected systems, which are now being investigated to resolve the matter.
Paraiso earlier said that cyberattacks have been rampant in the country, targeting both government agencies and the private sector. In fact, he noted the country deals with 2 million cyberattacks daily.
Government agencies are attracting cybercriminals because they hold vast amount of significant data, including personal information, which can be exploited by hackers for financial gains. INQ