DICT FACEBOOK PAGE

By Jomel R. Paguian

THE DEPARTMENT of Information and Communication Technology (DICT) confirmed on Thursday that a local hacker is behind the recent data breach of the Philippine Statistics Authority (PSA) systems.

DICT Undersecretary Jeffrey Ian Dy made the revelation in the wake of the cyberattack on the state-run Philippine Health Insurance Corporation (PhilHealth), attributed to the Medusa group which is a “very professional international cybercriminal syndicate.”

During an interview with One News PH, Mr. Dy explained that while the PhilHealth breach was executed by the highly sophisticated Medusa group, the PSA data breach was the handiwork of an individual hacker.

“A lot of enterprising individuals wanted to replicate the damage done in PhilHealth. Some of these are local researchers, some are security researchers, and some are just enthusiasts,” he said, describing them as copycat attempts “inspired” by the PhilHealth incident.

Mr. Dy revealed that the DICT already has leads on the identity of the PSA data breach perpetrator due to the less sophisticated methods employed.

“We are more than willing to provide this information after our initial investigation with the Cybercrime Investigation and Coordinating Center, so they can follow up by coordinating the manhunt and the arrest of the individual,” he added.

Interviewed by One Balita Pilipinas, PSA Legal Service Director Eliezer P. Ambatali said the local hacker did not demand a ransom and seemed more interested in attention.

“We have not received any communication from the hacker asking for money in exchange for the downloaded files. But based on his posts, it seems that he just wants attention,” Mr. Ambatali, speaking in Filipino, said.

The hacker managed to infiltrate the PSA system due to weak website configurations, as noted by Mr. Dy, who pointed out that the DICT detected the breach ahead of the PSA.

“We also told them (PSA) about certain weaknesses in their systems; unfortunately, they still got hacked. But we did send them information about certain things they need to do to reinforce their cybersecurity,” the DICT official said.

The cyberattack targeted the Community-Based Monitoring System (CBMS), which hosts demographic data collected through the agency’s survey forms.

“So, what the hacker got were files submitted to PSA about surveys,” said Mr. Ambatali. “It includes data about the surveyor, about who was being interviewed, unfortunately, it also includes data about household classification, how many children are in that household.”

However, he clarified that the breach did not extend to the National ID system managed by the PSA, which comprises the Civil Registration System and the Philippine Identification System (PhilSys) and is distinct from the affected CBMS.

Upon his assessment, DICT Secretary Ivan John Uy said in Filipino: “The damage is still substantial because the breach is significant.”

However, he said that while other government agencies also experience data breaches, creating a centralized agency for government cybersecurity is unnecessary.

Instead, Mr. Dy recommended that each agency establish its cybersecurity organization and an organizational-level computer emergency response team, properly equipped and trained to tackle threats.

At present, the DICT provides technical support for government agencies’ systems but is not directly responsible for safeguarding them from cyberattacks. This decentralization of cybersecurity efforts is seen as a necessary approach.

Notably, the DICT recently lost P300 million in confidential funds from the 2024 national budget.

Mr. Renato A. Paraiso, DICT Assistant Secretary for Legal Affairs, highlighted the potential utility of these funds for enhancing cybersecurity efforts and expressed disappointment over the lack of funding.

On Wednesday, Mr. Uy who heads the department announced that an appeal would be submitted to Congress to reinstate the department’s confidential funds.

These developments at the PSA and PhilHealth, he said, underscore the urgency of bolstering cybersecurity measures in the Philippines amid an escalating wave of cyber threats.

RELATED ARTICLESMORE FROM AUTHOR