Petya, Wanna Cry, and Mirai—Is This the New Normal?

Wazzup Pilipinas!

This past year, cybercriminals have upped the stakes once again with the high profile, global attacks of Mirai, Wannacry, and Petya, launched one after the other.

Of course, large-scale attacks aren’t new. Attacks like the ILOVEYOU worm and Code Red and Nimda were massive attacks, some of which affected exponentially more devices and organizations that this latest round of attacks. The spread of WannaCry − which reportedly hit a couple of dozen companies in the Philippines − and Petya were quickly curbed unlike these worms of the past. But this isn’t just about scale.

Unlike in years past, the new digital economy means organizations rely on data as both a critical resource and an essential source of revenue. And these new attacks are more sophisticated than ever.

Attacks like Mirai managed to hijack tens of thousands of IoT devices, such as DVRs and digital CCTV cameras using known device passwords installed by their manufacturers. These devices were then aggregated and used as a weapon to take out a massive chunk of the Internet. More recently, Mirai’s lesser known malware cousin, known as Hajime, upped the ante by adding cross-platform functionality (it currently supports five different platforms), a toolkit with automated tasks, updatable password lists, and the use of thresholds to mimic human behavior in order to stay under the radar.

Wannacry pioneered a new sort of ransomware/worm hybrid, something Fortinet calls a ransomworm, in order to use a Microsoft exploit created by the NSA and publicly released by a hacker group known as the Shadow Brokers. Rather than the usual ransomware method of selecting a specific target, Wannacry’s worm functionality allowed it to spread rapidly across the globe, attacking thousands of devices and organization. While the potential was there, the damage was quickly curbed due to an embedded kill switch.

And just this past month we saw the emergence of a new ransomworm called Petya. This new malware uses the same worm-based approach of Wannacry, even targeting the exact same vulnerability, but this time with a much more potent payload that can wipe data off a system and even modify a device’s Master Boot Record, rendering the device unusable. Since very little money was made during this attack, we can say that this attack was certainly more focused on taking machines offline than monetization through ransom. Machine availability ransom like Petya may become a much larger problem in the future when spreading through a rapid Ransomworm.

I believe that the Wannacry and Petya attacks were simply shots across the bow. They are part of an insidious new opportunistic strategy of targeting newly discovered vulnerabilities with massive, global attacks and increasingly malicious payloads. This is just being the tip of the iceberg and potentially the start of a new wave of attacks we are in for in the future in the form of Ransomworms.

GEM Dazzles This August with Exciting Shows from Japan!

Wazzup Pilipinas!

Catch the most entertaining dramas and variety programs from Japan this August on GEM. 

Overprotected Kahoko

A naïve university student, Kahoko (Takahata Mitsuki), is about to start her first job. The world is a scary place as she has been sheltered by her parents all her life. Their close-knit family begins to fall apart as they cope with this inevitable change in the only child’s life. Will Kahoko finally muster enough strength to emerge from her cocoon?

Overprotected Kahoko premieres 28 August, every Monday and Tuesday at 9pm, first and exclusively on GEM.



49

Dan (Sato Shori) is an average student who is not good at sports or his studies. Tragically, his father dies in an accident and his spirit possesses Dan. As his father excelled at everything he did, Dan begins to exhibit the same behavior. He starts to play basketball well and even gains popularity amongst his classmates. Will his classmates discover the reason behind his sudden change?

49 premieres 17 August, every Wednesday and Thursday at 9pm, first and exclusively on GEM.

BOMB BEE MEN

Kazumi (Oguri Shun) is a poor university student who has some unique priorities in life. He desires to make everyone happy and never rejects people when they seek his help. As he secures his first real job, he finds out that his debt could cost his job offer! A host club owner and money-lender, OmuOmu, and his cronies had conned a huge amount of money from him. Desperate to get his money back, Kazumi decides to play OmuOmu’s money game. Will Kazumi’s endless optimism help him overcome the odds?

BOMB BEE MEN premieres 13 August, every Sunday at 10.30pm.



GOCHI: Dinner is on YOU Tonight Season 2 Special

In this two-episode special, our celebrity guests get to indulge in a wide array of delicious treats prepared specially by world-renowned chefs. While the guests can order as many courses as they want, they must ensure that the total price of their dishes should not exceed their given budget. The guest who has the biggest price difference will be the one to pay for everyone’s meal! Who would be the ‘lucky’ one?

GOCHI: Dinner is on YOU Tonight Season 2 Special premieres 12 August and 19 August, Saturday at 7pm, first and exclusively on GEM.

TOKUSON: Life Hacks!

Follow the hosts as they show us simple tricks using everyday items to help save time and make life more interesting. Be amazed by the things you can do to spruce up your mundane daily routine. From cooking, cleaning, and organizing, to everything else in between, TOKUSON: Life Hacks! has all the answers! Life will never be the same again!

TOKUSON: Life Hacks! premieres 30 August, every Wednesday at 10:10pm, first and exclusively on GEM.



GEM is available on SKYCable Channel 116 in Metro Manila and on Channel 222 in Cebu, Davao, Bacolod, Iloilo, and Baguio.

NPC: TELCOs and ISPs DPA Compliance Crucial to Data Protection and Privacy

Wazzup Pilipinas!

Telecommunications companies and Internet Service Providers (ISP) are critical industry segments that need to comply with the Data Privacy Act of 2012 (DPA). This was revealed during the first general assembly of Data Protection Officers (DPO) in the telecommunications and value added service (VAS) provider industry sector. The event entitled DPO3 is the third of a series of industry sector targeted DPO general assemblies. The first two were for government, and the banking and financial services sector.

Privacy Commissioner Raymund Enriquez Liboro mentioned that majority of data that traverse telco and internet providers’ networks is personal data; data that has to be protected under the DPA by entities in the business of transporting that data, like telcos and ISPs.

“Personal data is not limited to email and voice communications, most users are not aware that before a conversation can happen over telecommunications networks, they have to provide their personal data; starting with their phone numbers, then the IMSI number of their SIM cards, the IMEI number and the MAC address of their device; networks also geo-tag users’ location based on the which cell site or street cabinet they used. That is just a voice conversation, subscriber activity within telco and ISP networks generate volumes of personal data as well.” commissioner Liboro said.

DPO3 was organized by the NPC in cooperation with the Philippine Chamber of Telecommunication Operators (PCTO). According to Atty. Roy Ibay, Vice President of PCTO; “After government, telcos are the largest processors of personal data, and as such; we need to be the vanguards of data protection and privacy, it should not be treated as a burdensome compliance task, but instead, should be inherent in our operations and adds value to our organizations, ensuring competitiveness in a dynamic industry.”