Sensitive data at the Office of President (OPS) under Ferdinand “Bongbong” Marcos Jr. were stolen by Chinese-state sponsored hackers in a yearslong campaign, the Bloomberg wire agency reported.
Citing at least three people with knowledge of the matter, the report said the stolen data included military documents related to the territorial dispute between Philippines and China over the West Philippine Sea.
Launched by Chinese state-affiliated hacking group APT41, the report said, the breach on the President’s office was part of an espionage campaign on multiple government offices, hospital networks, and other organizations. Most of the attacks were launched from early 2023 until June 2024.
Last May, the OPS supposedly wrote to one of the cybersecurity experts who discovered and reported the hack on the executive branch to request for details. The experts reportedly told Philippine officials about the breach in 2023 and again in August 2024.
At a press briefing on Tuesday, Department of Information and Communications Technology (DICT) Secretary Ivan Uy said there had always been attempts to hack government data, but fortunately, sensitive pieces of information were not compromised.
Asked about the report on the Chinese hackers, Uy assured that government forces were able to detect the hacking attempts and thwart the loss of data.
“Well, there are always attempts to do so and in many instances for attacks like those, we’re able to detect them early on and when we do so we are able to secure the database and we’re able to secure the systems so that it remains just an attempt and not be able to compromise some of the more sensitive data,” Uy said.
“In some instances, attacks occur on the public phasing sites. So example, we have help desk that are open to the public so that the public can regularly report, let’s say their concerns—so, those open sites are really designed with minimal security because you want to allow the public to easily communicate with different government agencies,” he added.
Uy, for his part, said there are other countries that also experience hacking attempts from different state actors or non-state actors.
“But I’d like to reiterate that so far what we have seen is that no current information has been compromised. What we have seen so far are old data from many years ago that are being regurgitated, recycled just to make an impression that they were successful in doing so,” Uy said.
‘Daily occurrence’
Asked about the same report, the Armed Forces of the Philippines (AFP) said Tuesday that cyber attacks happen regularly.
“Cyber attacks are a daily occurrence. And what is important is we are able to detect and we are able to deter these attacks,” AFP spokesperson Colonel Francel Margareth Padilla said at a press briefing.
“So, we have intrusion detection systems in place and intrusion prevention systems that are in place,” she added.
Padilla said the AFP has been enhancing its cyber defenses with the help of concerned government agencies through coordination and training.
“We are looking at all of these. And it’s a given na talaga namang pong nandyan ‘yung mga (that there are indeed) threats in the cyber domain but what is important is that we are able to detect and we are able to deter these attacks,” she added.
The DICT said last November that approximately 2.1 million cyber threats are being monitored by the National Security Operations Center “at any given day.”
The main targets of the daily cyber attacks, the DICT said, are government—which make up half of the incidents—followed by the academe, the telecommunications industry, and the banking or health sectors, among others. — with a report from Joviland Rita/ VDV, GMA Integrated News
Be the first to comment