A screenshot of the webpage of the House of Representatives, which was hacked on Oct. 15, 2023. — PHILSTAR FILE PHOTO

PHILIPPINE state agencies involved in cybersecurity should be given more intelligence funds so they can hire more experts, a senator said on Tuesday.

At a Senate hearing on the recent cyberattack on the Philippine Health Insurance Corp.’s (PhilHealth) website, Senator Alan Peter S. Cayetano said the Department of Information and Communications Technology (DICT) could hire black-hat hackers to boost the country’s capacity to prevent future attacks.

He said the Philippines should upgrade its cybersecurity in a way that hackers would feel that it’s not worth their time trying to break into the system.

The DICT earlier reported a Medusa ransomware attack on PhilHealth by encrypting files and demanding payment in exchange for the data. It said a “very professional international cybercriminal syndicate” was behind the hacking.

The agency earlier said the hackers had published the personal information of some PhilHealth members on the dark web after the government failed to pay the $300,000 (P17 million) ransom.

The Philippine National Police Anti-Cybercrime Group has said there were 16,297 reports of cyber-crime in the first quarter.

PhilHealth production servers were intact, PhilHealth Chief Executive Officer Emmanuel R. Ledesma, Jr. told senators at the hearing.

Mr. Cayetano said the DICT could also enforce a reward system that would pay anyone who could provide information about hackers.

There should also be stiffer penalties against hacking. “It will prevent major breaches in our cybersecurity and it’s worth it.”

On Sunday, the House of Representatives website was hacked by a group that called itself the 3musketeerz.

DICT Assistant Secretary Renato A. Paraiso told reporters on Monday local hackers were likely behind it, as well as the data breach at the Philippines Statistics Authority.

The Philippines topped the list of countries affected by cyberattacks in Southeast Asia this year, according to a Sept. 20 report by cybersecurity firm Palo Alto Networks.

The country ranked 42nd out of 250 countries that were most affected by data breaches in the first quarter, with 48,747 leaked accounts, virtual private network service provider Surfshark said in a May report. This was down by 78.5% from 226,970 in the fourth quarter of last year.

Global cyber-security firm Kaspersky said in a report on April 17 that web attacks targeting entities in the Philippines rose to 492,567 in 2022 from 382,940 a year earlier.

Senate President Juan Miguel F. Zubiri last month said the Senate would hike the intelligence funds of the National Intelligence Coordinating Agency (NICA) and National Security Agency (NSA), citing the need to protect the country from cyberattacks. — John Victor D. Ordoñez

RELATED ARTICLESMORE FROM AUTHOR