Network Report 2
Network Report 2
Network Report 2
Date :
To :
Incident Overview:
Hackers attacked a company and used a new virus called .mkp to lock their important files.
The company asked for help from various cybersecurity and data recovery services to find a
solution to the problem.
BEFORECRYPT
Amount: Couldn't find out
Status: Not available in the Philippines
Notes: The service to unlock files is not offered in the Philippines.
TICTACLABS
Amount: Between $3,800 and $15,000
Status: Waiting for a response after giving them a sample file.
STOPDJVUDECRYPTOR
Amount: $550
Status: Can unlock files but needs money upfront. Gave them a sample file.
RANSOMWAREHELP
Amount: $1,750 for checking the problem
Status: Checked the issue, now waiting for them to recover the files. Costs between $12,000
and $25,000.
DATARECOVERY.COM
Amount: Couldn't find out
Status: Still waiting for them to respond.
Shahnawaz Ali
Amount: $8,300
Status: Can unlock files with a sample file. Negotiating payment terms.
Stellar
Amount: $149 for checking the problem
Status: Still waiting for them to reply. Created a support ticket.
No More Ransom
Amount: Couldn't find out
Status: Can't help with the .mkp files right now.
Kaspersky
Amount: Couldn't find out
Status: Can't unlock files without the bad guys' secret key. Suggests changing a password.
Trend Micro
Amount: Couldn't find out
Status: Still waiting for them to respond.
Heimdal Security
Amount: Couldn't find out
Status: They don't have the right tool for the new .mkp virus.
Ransom Hunter
Amount: Couldn't find out
Status: Still waiting for them to respond.
Reliserv Solution
Amount: Couldn't find out
Status: They don't have the right tool for the new .mkp virus.
Between December 27 and 29, 2023, we successfully installed Sophos Firewalls to strengthen
our organization's cybersecurity. The details about what exactly was done during this time
were not provided.
From January 11 to 13, 2024, we continued to improve our cybersecurity by installing VPN
Firewall Sophos Devices. This was specifically done at our Mohon, Gusa, and Macasandig
offices in Region 10.
Installation Details:
Locations Covered:
Mohon Office
Gusa Office
Macasandig Office
Purpose:
We set up these devices to create secure connections (VPN) between our main network and
these offices. This ensures that our communication and data transfer remain safe and
protected.
Outcome:
All installations were successful, making our network more secure. Now, our Mohon, Gusa,
and Macasandig offices have stronger protection against potential cybersecurity threats.
Next Steps:
We will test the VPN connections thoroughly to make sure they work well.
Regular monitoring and maintenance will be in place for both Sophos Firewalls and VPN
devices.
Noted by:
JERAMIE T. BUQUE
OIC, General Services Department