Digitalization has many upsides. It has also one chilling downside: firewalls could be breached and personal information could be acquired illicitly.
Over the past few weeks, the websites of several government agencies were accessed. Included here are: the House of Representatives, the DOST, PhilHealth and even the DICT. A spokesman for the National Security Council warned that cybersecurity could become an issue in the next elections.
It could be that data protection is weaker among government agencies. Attempts to breach firewalls are about evenly distributed among public and private sector entities. Hackers seem to have an easier time breaking into government sites. The new chief of the PNP lists cybercrimes as a leading concern.
There is, if course, a commercial incentive for trying to breach databases. The captured information could be sold down the dark web to others with malignant intentions. In the many cases of hackers breaking into private financial accounts, the rewards are more immediate.
A recent report by Surfshark places the Philippines fifth among Asian countries for the number of data breaches since 2004. Globally, the Philippines places 17th.
According to this report, 124 million accounts have been breached in the Philippines. This is the second highest count in Southeast Asia, following Indonesia’s 144 million.
Asia averaged 52 accounts breached per 100 people. In the Philippines, the number of breached accounts jumps to 106 per 100 people. That means, statistically speaking, every Filipino suffered from data breaches at least once.
The number becomes more alarming for internet users. The study finds that there are 124 million compromised internet accounts in the country. There are only 50 million unique internet addresses in the Philippines. This means, statistically, Filipino internet users suffered data breaches nearly thrice.
According to this cybersecurity provider, 70 million passwords for Filipino accounts were leaked. The stolen passwords could be used for identity theft, extortion or other cybercrimes. Obviously, much more needs to be done to secure our cyberspace.
Cyberspace is now another dimension of our shared community space. Those tasked with enforcing laws in the community should now be better equipped to help secure our citizens in cyberspace.
As in all dimensions of our community space, each citizen must help keep cyberspace secure and their personal data safe. The financial institutions are not wanting in trying to educate their clients about data security. Given that data breaching has now reached epidemic proportions, it is important for every citizen to make cybersecurity as way of life.
Many of the things we need to be always conscious off in protecting our personal information are really commonsensical. We should never share or rent out personal information such as passwords. Surely, personal information should not be broadcast on social media. If anything strange occurs in our digital accounts, it must be promptly reported to the National Privacy Commission or the cyber desks the PNP intends to set up.
Digital Filipinos are advised to be very cautious in posting information about themselves and their activities. Rapid developments in artificial intelligence multiplies the possibilities for the unscrupulous to manipulate images and extract information from personal accounts.
Everyday, we see a lot of phishing activities going on in our social media accounts. In phishing, criminals impersonate legitimate companies in scamming consumers or enticing customers to share personal information.
Cybersecurity experts advise customers to constantly update their devices. The updates often include upgrades against breaches. When vulnerabilities are noticed, security patches are sent out to customers. Customers, however, must be wary of apps that request for more user information than usual.
We are also advised to avoid using pirated or illegal software. A lot of the free software found in the internet contain programs that may compromise personal information and financial security.
We are likewise asked to always use strong passwords, use secure networks and websites as well as enable two-factor authentication. This will make it more challenging for the hackers to break through.
We have heard of houses being robbed because the owners broadcast on social media that they would be out of town. Even robbers scan social media to look for possible victims.
Citizens should demand that government institutions, banks and enterprises increase their investments in helping secure the country’s IT infrastructure. There are clear limits to individual vigilance if the IT network itself is easily compromised.
I am not sure how much resources have been added to agencies such as the NBI, the DICT and the police to improve their capabilities to deal with cybersecurity threats. The number of government websites recently broken into suggests resources may not be enough.
Our agencies responsible for maintaining cybersecurity must not only possess state-of-the-art technology, we must also train a cadre of cyber law enforcers capable of effectively protecting our people. The threats not only come from enemies of the state who might want to sow confusion and paralysis in our community. On a daily basis, they come from small-time criminals out to make a quick buck from the unwary.
We live in a world we could not have imagined only a few years ago. It is a world where much of our financial transactions happen online. More and more, the Internet of Things creeps into every corner of our lives. The security of stability of our institutions – government and the financial system – rests increasingly on cybersecurity.
We must live with all the new disciplines we need to thrive in this new world.