hacker 190110
Agents of Cybercrime Division of the National Bureau of Investigation (NBI) in Manila arrested a data security officer known as "Kangkong" and two others on June 19 following reports of multiple unauthorised access attempts and breaches on websites. Photo for illustrative purposes only. Image Credit: Pixabay

Highlights

  • The National Bureau of Investigation (NBI) revealed that one of the suspects’ phones contained scripts and databases obtained from local government units, various government websites, and Facebook users’ credentials.
  • NBI confirmed its Cybercrime Division has issued a subpoena against prime suspect.

Manila: A data security officer at the news daily Manila Bulletin has confessed to hacking 93 websites, including those of government agencies and private companies – as well as servers based abroad.

Get exclusive content with Gulf News WhatsApp channel

In an interview with the local news channel ABS-CBN, the hacker, known by the alias “Kangkong”, revealed that he left a specific picture on the compromised websites to prove his involvement.

"Kangkong" also has obtained sensitive data, including user accounts and passwords of Security Bank, PNB, BDO, and UnionBank, a Department of Information and Communications Technology (DICT) official told local media.

Arrest

"Kangkong" (from the local term for water spinach) and two others were arrested by the National Bureau of Investigation (NBI) Cybercrime Division on June 19 after reports of multiple unauthorised access attempts and breaches on websites.

A DICG official alleges that Art Samaniego Jr., technology editor of the Manila Bulletin, gave orders to "Kangkong" to engage in hacking activities targeting private companies and government websites.

DICT Undersecretary Jeffrey Ian Dy, in a press conference on Wednesday, said they have an "airtight case", and urged Samaniego to cooperate with authorities in the ongoing investigation. 

Dy commended the NBI's efforts and emphasised the government's "whole-of-government approach" to cybersecurity.

"Kangkong" reportedly made an "extrajudicial confession", in which he identified Art Samaniego, the Bulletin’s senior technology officer, as the person who ordered the hacking of several high-profile websites.

Cybercrime Prevention Act
The Philippines has a comprehensive law in place to address cybercrime activities. Republic Act No. 10175 or the Cybercrime Prevention Act of 2012 (CPA) aims to combat online offenses, protect computer systems, and ensure the integrity of data.

The hacked sites included the peacekeeping operations centre website of the Armed Forces of the Philippines (AFP), the mail server of the National Security Council, and the "Join the PH Army" website.

Regret

'Kangkong' expressed regret for implicating Samaniego to the National Bureau of Investigation (NBI). “I owe a lot to him for what he did for me at the Bulletin. I’m sorry, Sir Art, that this happened,” he said in Filipino.

"Kangkong" explained that when he hacked a website, he would send the information to Samaniego. Depending on the importance of the government agency, Samaniego would decide whether to write an article about it.

“When we met, I was looking for a job. He said 'maybe I could work at the Bulletin',” Kangkong said.

Samaniego has denied the allegations, asserting that he did not order the hacking of government and bank websites to boost his social media reach. He stated that he did not need to compromise the AFP’s website for content.

'Kangkong' also issued a public apology to President Marcos, the public, and especially the military community for his actions.

He acknowledged the significant impact of his actions, including the exposure of sensitive data of soldiers to foreign entities. “That’s when I realised that we have many enemies, and we should not be going against each other,” he said.

Security measures

Alias “Kangkong” highlighted the inadequate cybersecurity measures in place for government and private company websites, stating this as a key factor in his ability to hack them.

“Cybersecurity is not really a priority in the Philippines. They should invest in security. We know that hiring people is expensive, and the tools needed are expensive. But they should invest somehow because if they don’t invest and they are breached, they would have to spend more,” he said.

The NBI revealed that one of the suspects’ phones contained scripts and databases obtained from local government units, various government websites, and Facebook users’ credentials.

Meanwhile, the NBI confirmed that its Cybercrime Division has issued a subpoena against Samaniego.

NBI Public Information Office chief Nick Suarez told local media that agents of the NBI-Cybercrime Division issued the subpoena past noon on Tuesday. “This is part of the process for (Samaniego) to explain his side to the authorities,” Suarez said.

Samaniego has been suspended from work pending an investigation by the news organization, according to reports.

Interestingly, Dy also acknowledged Samaniego's past contributions to government anti-hacking initiatives. This adds a layer of complexity to the situation.