MANILA, Philippines - They don’t have high-powered guns or bombs, they don’t break into homes or threaten their victims at gunpoint, but cyber criminals inflict severe damage not only upon innocent civilians but on the economy and the society in general.
In 2000, LOVEYOU, sometimes referred to as Love Letter, was a computer worm that attacked tens of millions of Windows personal computers, which caused damage amounting to billions of pesos on information systems. And hackers have become more sophisticated over the last 14 years.
The Philippine National Police (PNP) has acknowledged that cyber criminals are equally dangerous and many crimes nowadays are committed in the cyberspace.
Chief Superintendent Napoleon Taas, director of the PNP-Directorate for Information and Communication Technology Management (DICTM), says the PNP has started fortifying its own information system.
The PNP is currently using 92 information systems to ensure they have enough security measures to prevent criminals from hacking into these networks. These systems principally involve PNP interoffice connectivity.
“So far, none of these 92 information systems have been breached by hackers. We are really trying to protect our systems from criminals,” Taas tells STARweek. “We also need to get the support of the PNP leadership in the continuing effort to make our system more robust.”
Taas, however, admits that shielding the PNP information systems is a continuing effort, needing constant updates and keeping up with the latest technological developments in order to keep at least one step ahead of cyber criminals.
“I had to do a serious scoping of the current state of the PNP’s information system… I have identified some aspects that are of utmost importance,” says Taas. A risk assessment of the PNP’s information system was conducted, leading to the design of an information system security roadmap to effectively secure and address the identified risks.
He says the DICTM is working on the completion of the documentation for the operation manuals of the 92 information systems currently in use.
“There are strategic efforts that the ITMS and the PNP could benefit from,” Taas acknowledges.
He notes that the DICTM is the data custodian in the operations of the e-blotter, e-subpoena, e-warrant and other electronic-based anti-crime efforts of the PNP.
The e-blotter allows an individual to report a crime using the Internet, while the e-subpoena and e-warrant help officers from different police stations in getting information or soft copies of subpoenas and warrants at the soonest possible time in order to efficiently carry these out.
“Our role is as data custodians,” says Taas. “This means that we ensure that the system is robust to begin with, that it is secure from present day threats and that it continues to be aligned with the goals and objectives of the end user or database owner.”
In the case of the information systems on e-blotter, e-subpoena and e-warrant, Taas says the end user and database owner must report to the ITMS any problem or issue that they may encounter in the day-to-day operations.
“To use an analogy, the end users are the car owners and the ITMS acts as the car mechanics. As this analogy shows, both have a shared responsibility to ensure that the vehicle is always serviceable, or in good running condition,” he pointed out.
Taas is the last remaining general in the PNP who graduated from the US Military Academy at West Point, an internationally recognized institution for academic, military and physical excellence.
Although being a West Pointer was a plus factor for him, Taas says a police officer heading a sensitive position in the PNP needs management and people skills.
“What it boils down to is one’s ability to manage human and other resources. It is really all about troop leading procedures, which all of us in the uniformed service learned from day one,” Taas points out.
He says West Point taught him to pursue holistic answers to questions. “I guess part of being trained at West Point is to be a perpetual student, always asking questions and looking for the best holistic answers to those questions. Having such type of training is definitely an advantage, not just in ITMS and the PNP but practically in any endeavor,” he adds.
Before heading the DICTM, Taas headed the PNP Anti-Illegal Drugs Special Operations Task Force, when it made a record high seizure of shabu.
At ITMS, Taas says “we continue to contribute to elevating the level of security of our information systems to the level expected of a law enforcement organization.
“The people expect us to provide a high standard when it comes to IT security. If we can achieve this level of security for our information system, I believe we have contributed in no small way to the C and E of CODE-P – that is, Competence and Excellence,” he adds.
PNP chief Director General Allan Purisima has been pushing CODE-P towards the realization of P.A.T.R.O.L. Plan 2030, highlighting the importance of Competence, Organization, Discipline, Excellence and Professionalism. Enabling the police organization to operate securely in cyberspace and to be able to counter the activities of cyber criminals is certainly a significant step in the right direction.