MANILA, Philippines — After at least three government websites or databases were reported to have been breached in a month, Sen. Risa Hontiveros on Monday filed a Senate resolution calling for a probe into the current cybersecurity infrastructure of government agencies and their capacity to fend off cyberattacks.
According to Senate Resolution 829, the consecutive hacking of government databases in recent weeks — which involves the leaking of individuals’ personal information — raises doubts over whether government agencies can keep information related to national security under wraps.
“The breach of personal and sensitive information kept by government agencies endangers the safety and security of all Filipinos- leaving us even more vulnerable to increasingly nefarious schemes involving text message spams, online scams, phishing, financial fraud, extortion, blackmail, and identity theft,” the resolution read.
State insurer Philippine Health Insurance Corporation (Philhealth) first suffered a cyberattack from Medusa Ransom ware on September 22. This involved the compromise of Filipinos' personal and sensitive information, including names, addresses, social security numbers, among others.
Next to go down was the Philippine Statistics Authority, which announced October 12 that personal and sensitive data from its Community-Based Monitoring System had been accessed by "bad actors."
The website of the House of Representatives was also hacked and defaced on Sunday before being temporarily rendered inaccessible.
Hontiveros said in her resolution that there is a “need to assess the current capacity of the government to secure critical strategic infrastructure from cyberattacks and other potential threats.”
Similarly, Sen. Grace Poe has also called on the Department of Information and Communications Technology (DICT) and other agencies to prevent any more agencies from being bypassed by hackers in “what is turning out to be a hacking spree of government websites.”
“We cannot continue business as usual and wait for the next victim of a data breach. The hacking needs to be stopped and perpetrators should be held accountable,” Poe said in Filipino.
House appropriations chairperson Rep. Elizaldy Co (AKO Bicol) said that the lower chamber would coordinate with the Senate to explore sources of additional funding to boost the cybersecurity capabilities of the DICT.
“For the continuing ransomware attacks, we convey to the Department of Budget and Management the urgent need for additional funds for the DICT and for government agencies being attacked and vulnerable to cyberattacks,” Co said.
DICT Secretary Ivan John Uy said that they are now monitoring the possible sale of PhilHealth users’ information online after the state health insurer refused to pay the $300,000 ransom being demanded by the hackers.
“They will try to monetize the information. They will try to do this by selling the information to scammers, to phishers who can use that data to get fake IDs, (get) SIM card registered with the fake information,” Uy said.
“So we are monitoring that. Because they made no money from it. So they will find a way to monetize the information,” Uy added.
— with reports from The STAR / Rainier Allan Ronda