MANILA, Philippines — As the Department of Information and Communications Technology is facing mounting pressure to bolster the government's cybersecurity defenses, a ranking official stressed the need for a whole-of-nation approach in preventing cyberattacks.
DICT Undersecretary Jeffrey Ian Dy attributed the security vulnerabilities of the Philippines to the lack of a comprehensive cybersecurity law and mandatory reporting requirements. The country ranks 29th out of 250 countries with the highest frequency of attacks, according to Norway-based private network provider Surfshark.
Related Stories
"Cybersecurity is a team effort. You can't have a star player while the rest of the team fails," he said in a radio interview on Radyo 630 Teleradyo Serbisyo on Wednesday.
"On the one hand, a hacker only needs to attach one [system], the rest becomes easier for him or her," Dy added in Filipino. "That's why as a country, we need a whole of nation approach."
He also noted that the Philippines, along with countries like the US, China, India and Russia that are facing geopolitical challenges, tend to be prime targets for attacks.
Dy's remarks came after the July 16 ransomware attack on the Department of Migrant Workers, which halted services to overseas Filipinos and forced department officers to manually process documents as a stopgap measure.
He confirmed that the DMW attack involved Lockbit, a strain that has supposedly already been taken down by an international coalition of 10 countries. "We are wondering how DMW was still affected by a Lockbit ransomware, so we're still investigating that," he said in Filipino.
Officials believe information was also extracted during the attack, but are yet to reveal its full extent in the early stages of the investigation.
"A ransomware would not activate if it was not able to extract [data]. They got [something], for sure. That's what we're asserting. Besides, the DMW is obligated to report this to the National Privacy Commission if there are personal identifiable information that has been compromised... They're just not ready to say what or to what extent," Dy said in mixed Filipino and English.
The incident comes on the heels of other major cybersecurity breaches in the Philippines, including last year's ransomware attack on the Philippine Health Insurance Corporation.
Government agencies' part
While the DICT works on plugging digital security holes, government agencies have also been urged to respond to the department's warnings on vulnerabilities of current systems.
"We need to make non-technical personnel in government and private sector understand that the DICT has advisories where we present vulnerabilities.... but only 21% of them have responded," Dy said.
READ | DICT: Most gov't agencies failed to respond to cybersecurity warnings
The technology that allows the DICT to monitor weaknesses and breach risks of digital systems is Project SONAR, a network scanning initiative launched in 2023.
Dy admits, however, that agencies may not currently have the capacity to solve cybersecurity problems on their own since the DICT is unable to respond "simultaneously to the entire government."
"Each and every government agency must develop that capability also," he said.
Government agencies are the top target, accounting for nearly 50% of attacks, followed by telecommunications companies and academia. Ransomware and credential harvesting malware are the most prevalent threats.
While breaches on government systems are mounting, Dy said these are not even the worst.
"If we add the whole picture of cybersecurity with consumer issues, the largest would still be scams. Those are number one by far," he said. — Based on reports from Gabriell Christel Galang