DICT: Most gov't agencies failed to respond to cybersecurity warnings

MANILA, Philippines — Only around one out of ten government offices that were recently notified by the Department of Information and Communications Technology (DICT) of a vulnerability in their cyber systems took action to protect themselves, Undersecretary Jeffrey Ian Day said on Tuesday. 

Just 55 out of 388 government agencies which were contacted about vulnerabilities in their public assets (data or devices part of a computer system) responded to the DICT, Dy told a House panel probing the series of hacking incidents on government websites.

These agencies include national government agencies and sub-agencies and smaller government offices housed under different agencies.

"This is very low compared to what we expect," Dy said.

Dy said that the DICT's network scanning initiative called Project SONAR has detected over 30,000 vulnerabilities after scanning the assets of over 800 agencies since being launched in December 2023. 

Vulnerabilities do not refer to actual hacking attempts and instead point to certain parts of a government's cybersecurity infrastructure that are at risk of being breached. 

The DICT official explained that Project SONAR scans the systems of agencies without permission and informs them the next day of the extent of their vulnerabilities. 

"So that if they need to procure something to defend themselves, that can happen," Dy said.

Most agencies notified of having vulnerabilities did not respond to the DICT. 

Dy said that there needs to be assigned focal persons who will respond to the DICT when informed about weaknesses in their cybersystems.

The DICT official also said that it has suggested for the Department of Budget and Management to include agencies' responses as part of their scorecard — a system that measures agencies' quality of good governance.
 
Dy said Project SONAR was created as a response to the multiple government hacking attempts that took place the year before.

In February, the DICT bared that its investigation found that cyberattacks targeting multiple government servers were traced to IP addresses based in China. 

A breach into the PhilHealth database in 2023 allowed hackers to steal millions of personal data and confidential memorandum, which they used to try to goad the government into paying a $300,000 ransom.

Despite promises by authorities to ramp up cybersecurity, according to a 2023 report by the Asia Pacific Foundation of Canada, the Philippines remains highly vulnerable to cyberattacks due to “widespread internet usage, low cybersecurity awareness, and underdeveloped cybersecurity infrastructure.” — Cristina Chi