THE Department of Information and Communications Technology (DICT) will be coordinating with China after it detected and countered a cyber-attack attempt on Philippine government websites.
In a press conference on Saturday, February 3, 2024, Undersecretary Jeff Ian Dy said the targets of the attack were the government emails and websites, particularly the domain administrators of the Cabinet Secretary, the Department of Justice, the Congressional Policy and Budget Research Department of the Congress, the National Coast Watch System, and the DICT.
Dy said there was also a “brute force attack” to take down the Overseas Workers Welfare Administration (Owwa) website.
The DICT official also said there are spyware or espionage activities, which maybe perpetrated by threat actors or advanced threat groups detected by Google’s tactical information security arm.
He said Google reported the hacking attempt two weeks ago.
“Itong klase ng ganitong atake, ang ginagawa lang po nito ay magmanman. Hindi naman po niya nakita iyong ating mga emails, nadepensahan naman natin although iniimbestigahan pa rin natin ngayon,” said Dy.
(This type of attack, all it does is spy. It didn't see our emails; we defended ourselves although we are still investigating now.)
“In our investigation, the attacker, we were able to trace iyong kanilang tinatawag na ‘command and control’ operating from within China. So, we were able to detect that the attackers were coming from China Unicom,” he added.
Dy said they cannot say yet if the Chinese government is directly involved in the hacking attempt.
Meanwhile, the official said the DICT said they are investing to improve their technological capability to fortify the government’s critical infrastructure amid current and emerging cybersecurity threats.
He said they also urge the Congress to prioritize laws such as the Critical Information Infrastructure Protection Bill, Cybersecurity Bill, and a bill on foreign interference, which also includes countering cognitive warfare or the propaganda being spewed foreign sources.
The agency is also planning to revive the Medium-term Information and Communications Technology Harmonization Initiative (Mithi), which aims to harmonize ICT-related resources, programs and projects in all government agencies and institutions to ensure that there is a systematic process for the planning, budgeting, implementation, monitoring, and evaluation of government-wide ICT projects.
“Ito po ay pakikipag-ugnayan namin sa Department of Budget and Management upang ang i-a-approve namin iyon iyong binabanggit po ninyo upang lahat ng mga IT projects kasama na iyong cybersecurity projects ipadaan sa DICT, sa DBM kasama na rin ang Neda, DOF para kapag ginawa ang budget alam din namin na iyong binibili consistent and within the ambit of what can work together,” Dy said.
(We also communicated with the Department of Budget and Management so that we will approve what you are talking about, so that all IT projects, including the cybersecurity projects, will go through DICT, DBM including Neda, DOF, so that when the budget is made, we also know that what have been bought is consistent and within the ambit of what can work together.)
The Congress approved a P150 million budget for the DITC for 2024.
Meanwhile, in a press conference on Monday, February 5, 2024, Philippine National Police (PNP) Anti-Cybercrime Group (ACG) director Major General Sydney Hernia said they are also keenly monitoring the hacking attempts against government websites and finding ways to prevent it from being successful.
“Well it's normal po yan (It’s normal). Hindi lamang Pilipinas ang sabi ko nga (I'm not just talking about the Philippines). Even the first world countries are experiencing the same. So hindi na yan bago sa atin. Sa buong mundo nangyayari yan. Hindi lang paisa-isa, napakaraming cyber-attacks actually. So sa atin kung meron man ganun (So that's not new to us. It happens all over the world. Not just one at a time, there are actually a lot of cyber-attacks. So to us if there is such a thing), we have to investigate and we will try to find ways how to prevent those attacks na naiinfiltrate yung ating mga different for example different information systems natin na maiwasan na mapasok ng mga ganung cybercriminals,” he said.
He said they are also in coordination with the DICT and the Congress to strengthen the country's legal frameworks against cybercrimes.
They also prioritize the upskilling of their personnel and to boost their partnership with the private sector. (TPM/SunStar Philippines)