PROTECTION AGAINST RANSOMWARE
May 17, 2017
The Minister of Public Administration and Communications has received an assurance from the managers of the Government’s Information and Communications Technology (ICT) infrastructure that there are systems in place to treat with ‘ransomware’ attacks that afflicted over 100 countries over the weekend.
The Government’s ICT infrastructure, GovNeTT, is managed by the National Information and Communication Technology Company Limited (iGovTT) which is supported by contractual agreements with a contractor’s alliance of Fujitsu and a team of ICT companies.
Last week the Minister told the House of Representatives that Government had saved US$40 million in negotiating a new Microsoft Enterprise Agreement for the public service and had also reached agreement on a new End-point security software contract with Symantec. End-point Security protection will be the Government’s first defense in protecting its IT assets from cyber-attacks such as Ransomware.
The Government also achieved $2.5 million dollars in savings in its negotiations with Symantec. The old Symantec agreement expired in 2016 but the Ministry of Public Administration and Communications (MPAC) negotiated an eight-month extension at no cost. It is expected that the new agreement will provide $3.6 million worth of security software to the public sector.
As the Minister with responsibility for ICT, Minister Cuffie said the Symantec agreement provides security for all computers and software throughout the public service.
Additionally, a review which looks at the vulnerability of GovNeTT is also being conducted. This exercise is expected to be completed shortly. In the meantime, the MPAC will work with iGovTT to prepare a best practice checklist which will be shared with all Ministries, Government departments and agencies.
Further information on the ransomware attack is provided below from our ICT providers:
There was widespread international disruption caused by the ransomware attack known as WannaCrypt0r/WannaCry. This has the ability to encrypt all files on a Windows system and render it unusable unless a fee is paid for decryption.
On 12-May-2017, Microsoft released a security update for versions of Windows that are no longer under mainstream support (Windows Server 2003 SP2 x64, Windows Server 2003 SP2 x86, Windows XP SP2 x64, Windows XP SP3 x86, Windows XP Embedded SP3 x86, Windows 8 x86, Windows 8 x64).
Fujitsu has assured that it is aware of the global ransomware threat from last Friday and has been reviewing potentially vulnerable Windows systems in GovNeTT. This includes the current patch levels as well as firewall rules which may allow for the spread of the threat. The company has committed to executing any emergency change orders based on their findings.
Public servants and members of the public are asked to note cyber criminals are constantly active, seeking new ways to attack both corporate networks and individual syayems. Attacks vary in purpose but “phishing” attacks are increasingly common. Phishing attacks often appear to come from a trusted source, including an organization’s leadership team. All persons are reminded to be extremely vigilant when opening emails from unexpected sources or from individuals known to you but from an unusual/different email address, opening attachments or following links. Some simple steps you can take to protect yourself are:
If an email looks suspicious, treat it with care and do not click on enclosed links
Take particular care with links in web-based email
Rather than clicking on a link, open a new browser window and go to the known home page for the site
Use different passwords for different online accounts; if one is compromised the others will still be protected
Change passwords regularly, and if you suspect that your password has been compromised, change it immediately
Don’t disclose your password to anyone
Remember that reputable companies do not send unsolicited mail asking you to provide sensitive information
Don’t provide personal or financial information through a website, unless you typed in the web address yourself
Look for indications that a website is secure (for example, a URL that begins https)