MANILA, Philippines — The Department of Information and Communications Technology (DICT) said that the probe and the restoration of the Philippine Health Insurance Corporation’s (PhilHealth) security systems and functionality are already underway after a ransomware attack.
“The DICT condemns the ransomware attack carried out against PhilHealth in an attempt to illegally access the information of its members. We shall continue to investigate and monitor the acquired logs from PhilHealth’s affected systems,” said the DICT in a statement on Thursday.
It then assured the public that it is already working on the full restoration of the Philhealth’s security, vowing to safeguard government systems and infrastructure from malicious cyber threats.
“Efforts to restore the functionality of PhilHealth’s DNS server are underway,” the agency added.
On September 22, computer hackers attacked the website and online application of PhilHealth taking down the systems and blocking access for more than 24 hours.
The DICT said that upon learning of the breach, its Cybersecurity Bureau’s National Computer Emergency Response Team rushed to PhilHealth Head Office and implemented critical security measures which included the disconnection of workstations from the network, prompt coordination with PhilHealth to gauge the extent of the attack, and collection of relevant logs for thorough analysis.
PhilHealth’s critical web services, however, remain only accessible via their IP addresses as it continues to undergo comprehensive security scanning.
As of writing, its website also remains inaccessible.