January 8, 2025 | 12:00am
No current information compromised, says DICT
MANILA, Philippines — Cyberattacks have not compromised current data, the Department of Information and Communications Technology (DICT) said yesterday, amid reports that China-based hackers have infiltrated the Philippines’ executive department and stolen sensitive information.
DICT Secretary Ivan Uy said his agency is repelling daily “several hundred thousand” attacks that target not just the executive branch but also the legislature.
“There are always attempts to do so and in many instances, for attacks like those, we’re able to detect them early on. And when we do so, we are able to secure the database, and we’re able to secure the systems so that it remains just an attempt and not be able to compromise some of the more sensitive data,” Uy said yesterday in a press briefing at Malacañang.
“I’d like to reiterate that so far, what we have seen is that no current information has been compromised. What we have seen so far are old data from many years ago that are being regurgitated, recycled just to make an impression that they were successful in doing so,” he stressed.
Earlier, Bloomberg reported that China state-sponsored hackers had penetrated the Philippines’ executive branch and had stolen “sensitive” data as part of a yearlong campaign. According to Bloomberg, military data were among those stolen during the hacks, most of which happened from early 2023 to June 2024.
Uy said other countries also experience attacks or claimed attacks from different state or non-state actors as well as claims that there had been data breaches.
He called on the public to be more discriminating in entertaining claims that state agencies have been hacked.
“So, we challenge them, ‘OK, post it, what did you get?’ And either they do not post anything because they did not get anything, they just claim to have done so; or if they post, we see that these are dated (or) old data. So, that’s how we’re helping all the different sectors,” the DICT chief said.
“If there are any claims that there was any successful extraction of any data, just show it then we will be able to see whether these claims are actually authentic or not.”
Hackers persistent
Jeffrey Ian Dy, ICT undersecretary for infostructure management, cybersecurity and upskilling, yesterday stressed that the advanced persistent threats (APTs) are ever present, especially from offshore hackers, and that government’s cyber defense forces are always conducting monitoring and blocking activities.
“They are persistent. They happen off and on. It is continuing, and it is persistent,” Dy told The STAR.
Another DICT official also denied a report claiming that Chinese hackers have successfully stolen military data from various government systems in recent years.
In an interview with “Storycon” on One News, Assistant Secretary Aboy Paraiso said the data cited in a recent Bloomberg report came from incidents during previous administrations.
“As early as January of last year, we already announced that there are persistent threat actors and threat attempts against our government systems, including our various military websites,” he said in a mix of English and Filipino. “But this report from Bloomberg, it has not shown any evidence (of recent successful hacks).”
Dy pointed out that from November to December 2024, they had monitored and blocked some 249,000 different threats, but these were all pre-empted or blocked.
“These are malicious attempts, but not necessarily all coming from China,” he said, commenting on the report of supposed state-sponsored hacking on the Office of the President (OP) and Armed Forces of the Philippines (AFP) from China.
Referring to the alleged breach on the OP by Chinese hackers, Dy said this was old news. “Actually, the Bloomberg report is just a confirmation of what the Philippine government divulged,” he stressed.
He said that when he publicly discussed the APT coming from suspected Chinese actors, he had been authorized to do so by the National Cybersecurity Inter-agency Committee.
He said he cannot discuss the reported hack on the OP and AFP, especially as this concerned national security, adding the military’s cyber command unit has jurisdiction over the matter.
Paraiso said no new data have so far been released by the alleged hackers. “We keep on insisting and challenging these threat actors and hackers to show the data (that they supposedly hacked),” he said.
He said they also have evidence confirming that some of the threat actors and groups are known to be Chinese hackers. “But whether they are state-sponsored, we cannot answer that,” he said.
“But it doesn’t necessarily mean that if the threat actors are located (in one country), they are their citizens,” he pointed out, citing cases wherein Chinese hackers are discovered to be operating from the Philippines.
He said the DICT is working hard to ensure the safety of vital government systems.
“No one is 100 percent safe from these threat actors… It is as safe as it can be,” he added.
Neither confirm nor deny
The AFP meanwhile neither confirmed nor denied reports that the OP has been victimized by cyberattacks, giving assurance that detection and prevention systems for such attacks against the government are in place.
The statement was issued following a report by Bloomberg that Chinese hackers targeted Malacañang and supposedly stole information, including military information related to the territorial dispute in the South China Sea and West Philippine Sea.
“Cyberattacks are a daily occurrence. And what is important is we are able to detect and we are able to deter these attacks. So, we have intrusion detection systems in place and intrusion prevention systems that are in place,” AFP spokesperson Col. Francel Margareth Padilla told reporters.
“So, on the side of the Armed Forces… we are in very close coordination in terms of our ally partners… even in our exercises, (including) cyber security defenses,” she explained.
Padilla said the military has deep coordination with different agencies because cybersecurity is everybody’s concern, not just the AFP’s. — Rainier Allan Ronda, Janvic Mateo, Michael Punongbayan
Be the first to comment