Following the PhilHealth ransomware attack last September 22, 2023, Department of Information and Communications Technology (DICT) has released an official statement.
Here’s the full text of DICT’s statement;
The Department of Information and Communications Technology (DICT), through its Cybersecurity Bureau, proactively responded to address a ransomware attack that targeted the Philippine Health Insurance Corporation (PhilHealth) last September 22, 2023.
Upon learning of the breach, the DICT Cybersecurity Bureau’s National Computer Emergency Response Team (NCERT) went to PhilHealth Head Office and implemented critical security measures which included the disconnection of workstations from the network, prompt coordination with PhilHealth to gauge the extent of the attack, and collection of relevant logs for thorough analysis.
As of September 25, 2023, PhilHealth’s critical web services are only accessible via their IP addresses and currently ongoing comprehensive security scanning. Efforts to restore the functionality of PhilHealth’s DNS server are underway.
The DICT condemns the ransomware attack carried out against PhilHealth in an attempt to illegally access the information of its members. We shall continue to investigate and monitor the acquired logs from PhilHealth’s affected systems. An extensive checklist has been prepared by the DICT to benchmark PhilHealth’s readiness to get their systems online.
The DICT is committed to ensuring the full restoration of security and stability in PhilHealth systems and to safeguarding government systems and infrastructure from malicious cyber threats.