EDITORIAL — Advanced persistent threat

Cybersecurity experts have been warning about the threat for some time now: hacking of government websites, with the attacks originating from foreign countries. The experts, citing global data, said most of the attacks have been traced to operators in only a handful of countries: North Korea, China, Russia and Iran.

In the case of a recent hacking attempt targeting the Philippine Coast Guard, the National Coast Watch and the private website of President Marcos, the operation was traced to Chinese telecommunications operator China Unicom. This is according to the Department of Information and Communications Technology, which said the hacking attempt was successfully foiled by Philippine cybersecurity experts.

Because of recent developments, the PCG suspects that the hacking attempt was linked to the maritime dispute between the Philippines and China. Earlier, the Overseas Workers Welfare Administration faced a cyber attack that was also traced to China.

Although China Unicom is state-owned, the DICT stressed that it is not accusing the Chinese government of being behind the cyber attacks, but merely reporting that the hacking attempts emanated from Chinese territory. An official of the DICT said the Philippines would coordinate with China in a bid to identify the perpetrators and stop their activities.

Experts, however, have been warning of possible state-sponsored cyber attacks from overseas directed at Philippine government agencies and private entities operating critical infrastructure such as public utilities, submarine cables, airports, the banking system and defense installations.

A DICT official said the hacking attempt on the PCG by at least three “advanced threat groups” could be classified as cyber espionage because the objective was to gather information by breaching email systems and internal websites of government agencies using Google Workspace. Google itself reported the attempts about two weeks ago.

Also targeted were the domain administrators of the Department of Justice, the Office of the Cabinet Secretary and the Congressional Policy and Budget Research Department of Congress.

The DICT official pointed out that such hacking attempts are classified as “an advanced persistent threat” because they require “significant spending on research and development and technology” to conceal the activities.

Around the world, governments are readying their defenses against the new type of warfare that is waged in cyberspace. In the Philippines, which has one of the highest incidences of digital scams and related offenses, the latest attacks should give urgency to ramping up cyber defenses.