Just recently the official website of the Philippine Coast Guard (PCG) and three websites of the Department of Science and Technology (DOST) were targeted by hackers.
And just yesterday the Bureau of Customs (BOC) joined this list of agencies with compromised websites.
In the PCG hacking, the website was replaced with one that showed clips from war movies. In the DOST hacking, ransomware was used to enter the DOST IT system and prevent the department’s employees from accessing their own site. As of this writing there were few details about the BOC hack.
Have we learned nothing from previous cases of cybersecurity attacks? Are we just taking back websites without securing them against future attacks? It’s like hackers are just having fun with our government websites.
Are those targeting our government websites getting that good, or is this another case of some government websites not having antivirus protection? Remember that last year PhilHealth fell to a hacker attack because they --one of the richest agencies in the government-- didn’t bother to get antivirus protection at the time.
The PCG and DOST websites and IT systems may have just been small fries for the hacker attackers, but what if they targeted IT systems of critical infrastructure like airports, or utilities like power and water?
Imagine the chaos that they can cause.
And what if they aimed for the websites and IT systems of something like the Bangko Sentral ng Pilipinas or even Malacañang?
Imagine what information they can access there.
We need to acknowledge some truths. One is that we lag behind many countries when it comes to education, technology and cybersecurity. Another is that we may not be able to pay for top-notch IT and cybersecurity protection first-world countries have.
This means that hacking our government systems can become child’s play for someone who has the right knowledge and the right incentive --or enough malicious intention to do so.
Considering the troubled times with live in today, there will be no lack of such individuals.
To the best of what we can do and afford, everything must be done to secure our government websites and IT systems.