The Philippine Health Insurance Corporation (PhilHealth), the government’s health insurance program, experienced a ransomware attack on September 22, 2023. The Department of Information and Communications Technology (DICT) quickly responded to secure compromised systems, and the Philippine government has joined the Counter Ransomware Initiative (CRI) to strengthen defenses against cyber threats.
According to Jeffrey Ian Dy, Undersecretary for Connectivity, Cybersecurity, and Upskilling at DICT, the attack was identified as a Medusa ransomware attack. This type of malware encrypts files and demands a ransom for the decryption key. DICT has been coordinating with PhilHealth to assess the impact of the attack. While eGovApp, the system used by PhilHealth, is temporarily down, there are no signs that eGov has been affected.
As a broader solution, the Philippines has decided to join the Counter Ransomware Initiative along with countries like the US and Australia. The government has recommended joining the initiative to the Department of Foreign Affairs. This initiative aims to enhance international cooperation in preventing, detecting, responding to, and recovering from ransomware attacks.
The ransomware attack on PhilHealth is part of a series of cyberattacks targeting government agencies and businesses in the Philippines. Joining the Counter Ransomware Initiative is a positive step for the Philippine government as it will provide access to resources and expertise in defending against such attacks.
John Patrick Lita, CEO and Founder of SOROS Securities Inc, emphasized the importance of implementing robust security measures to defend against ransomware attacks. These measures include endpoint security, device management, network security, intrusion detection/prevention systems, and user training to raise awareness of potential threats. In the event of an attack, organizations should activate their incident response plan, isolate infected devices or networks, conduct a root cause analysis, document the incident, and enhance defenses based on lessons learned.