Philippines’ cybersecurity in real and present danger

Arriving in Manila earlier this week for consultations, we have been deluged with a series of interviews from the local media in relation to a smear campaign launched against some of our colleagues in government, including myself and other Filipino diplomats, with the use of cyberspace.

There is absolutely no doubt that there is a strong concerted effort to drive a wedge between the Philippines and its close allies like the United States to undermine our position and derail our efforts in upholding our territorial integrity and sovereignty in the West Philippine Sea. They’re using all kinds of inane tactics, like fake memos purportedly coming from the Department of Foreign Affairs where I am supposedly being recalled from Washington, or another ridiculous rumor of being reassigned to Beijing. They’re engaging in disinformation using fake emails and instant messaging apps. Some have also been creating fake accounts on Facebook and X (Twitter), with many of us being targeted.

Emails, smartphones and other communication systems are already severely compromised because of malware embedded in links that can steal user details. Once details are stolen, cybercriminals use apps that create fake chats or conversations complete with a screen shot, which they can spread through social media sites and platforms.

Even popular messaging apps like Viber may not be as secure as we think. According to some reports, cybercriminals can access Viber accounts on your phone or PC and install spyware that can monitor calls and messages, and see your conversation history. Worse, they can actually make calls and send messages that supposedly came from you.

I have long accepted the fact that when one holds a government position or is in some measure a “high profile” personality – one will definitely be targeted for hatchet jobs, which unfortunately simply comes with the job. I was warned many months ago by intelligence agencies whom we work with in Washington, DC that pro-China groups “will go after [me]” – with the heightened attacks triggered by the President’s successful visit to Washington and the approval of four additional bases accessible to US armed forces under the 2015 Enhanced Defense Cooperation Agreement.

But what many others and I are extremely concerned about is the fact that our cybersecurity is currently severely compromised. So many of our government agencies are already penetrated. This is really far more serious than one can imagine – cyber spies can clearly undermine the country’s economic and national security. They can do this easily by spreading false information and propagating fake stories – picking up bits and pieces of information and manipulating them in such a way that they become believable.

Early this year, for instance, a fake memo circulated through Facebook about the Philippine National Police supposedly going on heightened alert due to the purported mass resignation of Defense personnel and a destabilization plot within the Armed Forces of the Philippines. The scary part is that it looked authentic.

A report from Singapore cybersecurity company Group-IB also revealed that a hacker group identified as Dark Pink has been focusing its attacks on the government and military agencies of Malaysia, Cambodia, Indonesia, Vietnam and the Philippines. Dark Pink has been stealing data since 2021 through phishing emails – like a letter supposedly from a job applicant or inquiring about internships, with attached documents (presumably credentials) that would activate malware when downloaded.

Data from global cybersecurity company Kaspersky revealed that the Philippines ranked Number 2 among countries most attacked by web threats in 2022. According to the Department of Information and Communications Technology (DICT), there have been over 3,000 high-level cyberattacks monitored from 2020 to 2022, with 60 percent of those directed at government institutions. In fact, the DICT has admitted that the “increased vulnerability of our nation’s digital landscape” makes it “crucial to protect the country’s critical infrastructure.”

The United States of course is a major target of cyberattacks that seek to inflict economic damage, like what happened to Colonial Pipeline – a major pipeline system that supplies refined gasoline, diesel and jet fuel from the US Gulf Coast to the US East Coast – that was attacked by a Russian cybercriminal group known as DarkSide. Colonial went offline for several days, resulting in supply shortages, disrupting airline operations, causing fuel prices to skyrocket and triggering a nationwide state of emergency.

The fact is, highly sophisticated technology can now enable cybercriminals to reach for targets anywhere in the world. They can remotely access computers, turn off electricity, shut off communications facilities, disrupt airport operations – and you won’t even know where these attacks are coming from.

The Department of Foreign Affairs and other government offices have been severely compromised, confirmed to us by intelligence experts locally and in Washington, DC.

But all is not lost. The President himself is very much aware of the need to “shore up our defenses when it comes to cybersecurity” – and to this end, a National Plan on Cybersecurity has been drawn up by the DICT, underscoring that external security threats such as cybersecurity warfare need to be addressed. We have several international experts coming to assess our cybersecurity and a plan will be put in place to secure our cyberspace.

As ICT Secretary Ivan Uy had explained, in today’s warfare, the “first attack is not done with a bullet or a missile. It’s done in cyberspace,” adding that “cybersecurity should have an extremely dominant role” because unlike physical attacks where damage is limited to a physical target like a building or facility, a cyberattack can shut down an entire country’s financial system or energy infrastructure. The damage would be unimaginable.

*      *      *

Email: [email protected]