
The following information was obtained from different cyber security sources for notification to all parties concerned, pursuant to the mandate of the Philippine National Police Anti-Cybercrime Group (PNP ACG).

The information provided was classified as Restricted pursuant to the PNP Regulation 200-012 on Document Security and Impact Rating as high based on PNP Information Communication Technology (ICT) Security Manual s.2010-01 p. 22 and p.129.

SUMMARY

Cyber security refers to the body of technologies, processes and practices designed to protect networks, devices, programs, and data from attack, damage, or unauthorized access. Cyber security may also be referred to as information technology security. [1]

Cyber security protects the data and integrity of computing assets belonging to or connecting to an organization’s network. Its purpose is to defend those assets against all threat actors throughout the entire life cycle of a cyber-attack. Kill chains, zero-day attacks, ransomware, alert fatigue and budgetary constraints are just a few of the challenges that cyber security professionals face. [2]

The major areas covered in cyber security include application security, information security, disaster recovery and network security.

Application security encompasses measures and counter-measures undertaken during the development life-cycle of applications to protect them from threats arising from flaws in application design, development, deployment, upgrade or maintenance. Some of the known techniques used for application security are input parameter validation, user/role authentication and authorization, session management, parameter manipulation and exception management, and auditing and logging.

Information security protects information from unauthorized access to avoid identity theft and to ensure privacy. This includes identification, authentication and authorization of users and cryptography.

Disaster recovery planning is a process that includes performing risk assessment, establishing priorities, and developing recovery strategies for times of disaster. It is advisable for all organizations to have a concrete plan for disaster recovery so that they can resume normal operations as quickly as possible and decrease the negative effects a disaster may produce.

Network security includes activities to protect the usability, reliability, integrity and safety of a network. Effective network security targets a variety of threats and stops them from entering or spreading within a network. Network security components include anti-virus and anti-spyware; a firewall, which blocks unauthorized access to the network; an Intrusion Prevention System (IPS), which identifies fast-spreading threats such as zero-day or zero-hour attacks; and Virtual Private Networks (VPNs), which provide secure remote access.

RECOMMENDATION


PNP personnel and the public are advised to follow security precautions in order to minimize the risk of cyber attacks:

• Protect your passwords. Change your passwords regularly and make use of strong passwords;
• Never open received e-mails with links and attachments from unknown senders;
• When using public computers, such as those in a cyber café, be extremely cautious. There are no guarantees about the programs installed, and there may be programs that store passwords, installed by previous users. If there is no other option for Internet access, close all programs after use, log off and clear the browsing history;
• Always ensure that system access and passwords are locked up when the computer is not in use;
• When plugging into a computer network, use the option to encrypt traffic. Disable folder sharing or secure access to the operating system with a password. Other users within the same network may be able to seek and write files on your computer;
• If you decide to make use of file sharing programs, be extra careful. Adjust the settings for which folders are shared and which are not, and read the contract (end user licensing agreement) to be aware of potential risks; and
• Ensure that anti-virus and anti-spyware are regularly updated and are working properly.

For additional information, please refer to the following websites:

• [1] https://digitalguardian.com/blog/what-cyber-security
• [2] https://www.fireeye.com/current-threats/what-is-cyber-security.html
• http://www.isaca.org/Knowledge-Center/Blog/Lists/Posts/Post.aspx?ID=296

POINT OF CONTACT

Please contact CSRAD, PNP ACG for any inquiries related to this CYBER SECURITY BULLETIN, or call 7230401 local 5337.