ACG-CYBER SECURITY BULLETIN NO 119 UNDERSTANDING CORRUPTED SOFTWARE FILES
The following information was obtained from the different cyber security sources for notification to all parties concerned pursuant to the mandate of the Philippine National Police Anti-Cybercrime Group (PNP ACG).
The information provided was classified as Restricted pursuant to the PNP Regulation 200-012 on Document Security and Impact Rating as high based on PNP Information Communication Technology (ICT) Security Manual s.2010-01 p. 22 and p.129.
Attackers nowadays make use of common file types when carrying out an attack. They insert malicious code into files that are usually considered safe, such as word processing documents, images or any other common file. Once the file is corrupted, the attacker may distribute it through e-mail or post it to a website. The effect of the attack depends on the type of malicious code, and a computer may be infected simply by opening the file.
When corrupting a file, attackers take advantage of vulnerabilities discovered in the software that is used to create or open the file. Attackers exploit these vulnerabilities to insert and execute malicious code or scripts in a manner that goes unnoticed. Sometimes these vulnerabilities involve a combination of files or affect only a certain version of a software program.
Nowadays, members of the Philippine National Police (PNP) use e-mail and other online communications for work-related activities in order to communicate easily with other offices and with the community.
PNP personnel, as well as the public, must be vigilant when using the Internet. Everyone should understand the risks of using e-mail and other online communications, because cyber criminals may take advantage when people neglect to take necessary precautions. An attack may result not only in personal damage but may also affect the PNP organization as a whole.
PNP personnel are advised to follow the best practices listed below for security purposes when using e-mail or other online communications, whether for personal use or for work.
- Always be cautious when using e-mail or other online communications. Do not open attachments from unknown senders. If you wish to open an attachment, make sure to scan it for viruses.
- Use and maintain updated anti-virus software. It can often recognize and protect your computer against known viruses, so you may be able to detect and remove a virus before it can do any damage.
- Be careful with downloadable files on websites. Avoid downloading files from untrusted websites. If you are getting files, always look for a website certificate, and if you download a file, make sure you save it to your computer and manually scan it for viruses before opening it.
- Always keep your software up to date. Install software patches so that attackers cannot take advantage of vulnerabilities. Many operating systems offer automatic updates; it is highly recommended to always enable them.
- Check the security settings of your e-mail and web browser. Apply the highest level of security available that still gives you the functionality that you need.
For additional information, please refer to the following security websites:
POINT OF CONTACT