Philippines: Wave of cyberattacks spurs urgent measures to boost cybersecurity
Manila: In the wake of successive cyberattacks on government institutions, including the "dark web" dump of PhilHealth data, a Philippine House of Representatives (Lower House) panel has raised a pressing need to allocate additional funds to the Department of Information and Communication Technology (DICT) to bolster the government's cybersecurity defenses.
Concurrently, the Senate (Upper Chamber) has called for an investigation into these incidents.
Following the Sunday defacing of the House of Representatives website, the House appropriations committee has expressed its support for increased funding for the DICT.
“We will work with our colleagues in the Senate to look for more sources of funds for the DICT,” panel chairman and AKO BICOL party-list Rep. Elizaldy Co said in a statement on Monday.
Reginald Velasco, Secretary General, issued a statement saying: “We wish to inform the public that the official website of the House of Representatives experienced unauthorised access earlier today. Immediate steps have been taken to address the issue, and we are working closely with the Department of Information and Communications Technology (DICT), Cybercrime Investigation and Coordinating Center (CICC) and law enforcement agencies concerned to investigate the matter”.
Rep. Co stressed the urgency of providing resources to the DICT to combat cybercrime and ransomware attacks, conveying this need to the Department of Budget and Management.
Enhancing security
One suggestion made by Co is to allocate a portion of the unprogrammed funds from the 2023 national budget to enhance IT security and ransomware defenses.
Simultaneously, Senator Risa Hontiveros has introduced Resolution 829, calling for a committee to investigate a concerning series of hacking and data breach incidents. Hontiveros highlighted the risk to Filipinos' safety and security posed by the breach of personal and sensitive government-held information.
The recent spate of breaches included the Philippine Health Insurance Corporation (PhilHealth) and the Philippine Statistics Authority (PSA) in late September and early October.
Critical warning
The National Privacy Commission has issued a "critical warning" regarding the compromised personal information from the PhilHealth breach.
While the PSA data breach was confined to its community-based monitoring system, the most recent attack targeted the House of Representatives website. The incident involved an anonymous user defacing the website with a troll face meme and altering committee meeting schedules.
At around 5pm on Monday, the House of Representatives website was restored. It remained inaccessible for more than a day after the hack by the user "3musketeerz" on a Sunday morning.
On October 9, Secretary Ivan John Uy of the Philippine Department of Information and Communications Technology (DICT) expressed deep concern following significant cuts in the budget allocated for the agency's crucial cybersecurity programmes.
Speaking on the sidelines of the Cybersecurity Month 2023 launch, the DICT head revealed that the 2024 cybersecurity budget for DICT is a mere 300 pesos million $5.28 million, a stark decrease from previous years.
He said the country's cybersecurity budget began at 1 billion pesos and saw reductions in 2022 and 2023, bringing it down to 600 million pesos. Now, for 2024, it's been further reduced to just 300 million pesos.
" As the threats in the cyber realm continue to expand and grow, our cybersecurity budget continues to diminish," he said in Filipino language.