To meet China’s challenges to Philippine sovereignty, don’t forget cybersecurity

Artist's rendition of a hacker
Image by Dee from Pixabay

On June 18, the Chinese Coast Guard seized two Philippine rubber boats resupplying the Sierra Madre in a brazen act of escalation in the maritime domain. The action injured several Filipino military personnel–one sailor even lost a thumb.

While this crisis has rightfully spurred high-level attention from media and policymakers in Manila, it should not distract from Beijing’s less visible but equally grave escalation in another domain: cyberspace.

In recent years, China has adopted a far more aggressive posture in cyberspace -- expanding from espionage and data theft to influence operations and the infiltration of critical infrastructure for potential disruption. Traces of Chinese hackers’ handiwork have been discovered in critical infrastructure systems worldwide, where they are poised to disrupt civilian systems at Beijing’s command.

Chinese hackers have also targeted military and government organizations in the Indo-Pacific in conjunction with aggressive maritime operations.

In August 2023, for example, a Chinese advanced persistent threat (APT) actor managed to compromise government systems in the Philippines and elsewhere in the Indo-Pacific around the same time that a Chinese ship fired water cannons at a Philippine Coast Guard vessel.

As the Philippines weighs its policy options in countering Chinese aggression in the Indo-Pacific, officials must also reckon with potential cyber risks and countermeasures.

As the Philippines’ digital economy expands, so do opportunities for cyberattacks. The digital economy grew by 93 percent during the COVID-19 pandemic, now constituting 8.4% of the national economy, contributing about P2 trillion. A Telenor Asia survey indicates that over 86% of Filipinos spend at least half their day on mobile devices.

This rapid digitalization exposes Filipinos to risks like malware from suspicious links and manipulated information campaigns, tactics increasingly used by Chinese hackers.

The country’s swift digital growth has also made it a prime target for phishing and ransomware attacks. In 2021, the Philippines was the world’s fourth-highest malware target, and ransomware attacks doubled between 2022 and 2023.

Notably, the government thwarted an attack on the Overseas Workers Welfare Administration by Chinese hackers. Recently, a data security officer for the Manila Bulletin was arrested for hacking 93 websites, and Jollibee experienced a significant data breach, potentially exposing millions of customers’ information.

Malicious hackers include cybercriminals out for financial gain, “hacktivists” with political motivations, and state-sponsored or affiliated cyberattacks from countries like China, North Korea, Russia and others. These groups often overlap, compounding the challenge of identifying and holding perpetrators accountable.

Given the broad range of cyber risks, the Philippines should approach cybersecurity as a cross-cutting issue affecting the country’s security, economy, and society. As such, the Philippines’ efforts to bolster its cyber defense should be equally cross-cutting.

The Philippine government is making significant strides in enhancing cyber resilience through the 2023-2028 National Cybersecurity Plan. This plan aims to upskill the cyber workforce, invest in critical infrastructure security, and increase public cybersecurity awareness.

While its success hinges on implementation, the Marcos administration is commendable for involving private industry, emphasizing the need for robust public-private partnerships.

The Philippines has also enacted key cyber policies in recent years. The 2012 Cybercrime Prevention Act and Data Privacy Act defined cybercrime and set data privacy standards, respectively.

In 2015, the Department of Information and Communications Technology (DICT) was established to oversee ICT development. Additionally, Executive Orders 189 and 95 created the National Cybersecurity Inter-Agency Committee (NCIAC) to assess cyber vulnerabilities and coordinate government-wide cyber defense efforts.

Still considerable work remains to improve public awareness of cyber threats, overcome severe shortages of cybersecurity experts—especially those willing to work in the government instead of the more lucrative private sector—and bolster cyber defenses against Chinese hackers and cybercriminals.

The Philippine government should consider two steps to bolster its cybersecurity efforts and position cybersecurity as a growing priority for Philippine national and economic security. These steps are simple but important pieces for building the Philippines’ cyber capacities.

First, the government should raise awareness of Chinese cyber threats by highlighting the links between China’s actions in the South China Sea and its cyber operations.

If the Philippine government can connect China’s threat in the maritime domain to threats in the cyber domain, the Philippine public might be more inclined to adopt basic cyber hygiene practices—such as critically evaluating potential spear phishing emails, using multi-factor authentication, and creating strong passwords.

Second, the Philippine government and private sector alike should integrate basic cybersecurity skills training into the primary education system and raise wages for cybersecurity professionals working for the government to attract more talent.

As of January 2024, the government’s cyber response team consisted of only thirty-five workers–a dangerously low number given the myriad and growing cyber challenges facing the Philippines.

Building cyber talent begins at the grade school level, with education about basic cybersecurity principles. Down the line, targeted efforts to recruit and retain cybersecurity experts in government with competitive wages will strengthen government decision-making and cyber awareness.

Together, these two seemingly small efforts can result in significant progress in addressing the long-term cyber risks facing the Philippines. In addition to these recommendations, the Philippines should consider investing in strong regional government-to-government cooperation on cyber, which will improve cyber intelligence, threat detection, and defense.

Similarly, the Philippine government should assess its partnerships with the private sector and deepen coordination between public and private cyber defenders.

While cyber threats are not as visceral as aggressive Chinese actions at sea, they are no less important for the Philippines’ economic and national security.

As the Philippines continues to develop its digital economy and deepens its partnerships with the United States and other regional countries, cyberattacks from criminals and nation-state actors like China will only continue to increase. An effective Philippine defense against Chinese threats may begin at sea but it also must extend to cyberspace for the long-term security of the Filipino people.

---

Evan Wright is a research assistant for the Indo-Pacific Security Program at the Center for a New American Security. Previously, Wright worked at the Institute for Defense Analyses, conducting research for the White House, Department of Defense, and other Executive Branch agencies on critical and emerging technologies. He is a nonresident fellow at the Johns Hopkins SAIS Reischauer Center for East Asian Studies and a Pacific Forum Young Leader.

Elizabeth Whatcott is a research assistant with the Technology and National Program at CNAS. Prior to joining CNAS, she completed fellowships and internships with the White House Office of Science and Technology Policy, the Center for Democracy and Technology, the U.S. Department of State, Yahoo, and the Global Network Initiative.

Show comments