By Beatriz Marie D. Cruz, John Victor D. Ordoñez, and Kyle Aristophere T. Atienza, Reporters

HACKERS using Chinese IP (internet protocol) addresses tried to hack the website of the Overseas Workers Welfare Administration (OWWA) more than 17,000 times last month, according to the Philippines’ telecommunication regulator.

The hackers targeted two servers that host web applications used by overseas Filipino workers (OFW), Information and Communications Technology Undersecretary Jeffrey Ian C. Dy told congressmen investigating the cyber-attacks on Tuesday.

“It was found that the attacks were brute force attacks, which use a trial-and-error approach to systematically guess login information, credentials and encryption keys,” he told the House of Representatives hearing.

“Investigations show that the attackers had multiple IP addresses coming from, which is located in China,” Mr. Dy said. The Department of Information and Communications Technology (DICT) also detected multiple hacking attempts on OWWA’s website in December, he added.

At the weekend, DICT said it had blocked cyber-attacks allegedly by Chinese hackers on the websites of several Philippine agencies. Google Workspace, which hosts the Philippine government’s mail and file storage for nonconfidential information, was also attacked.

DICT traced the hackers’ IP addresses to state-owned China United Network Communications Group.

“Google, through their tactical operations center, Mandiant, called our National Computer Emergency Response Team because they also detected a similar cybersecurity incident… on Google,” Mr. Dy told congressmen.

He said hackers had targeted the e-mail domains of several government agencies including the Cabinet Secretary, Philippine Coast Guard, Congressional Policy and Budget Research Department, DICT, Department of Justice, the National Coast Watch System and the President’s official website.

Mr. Dy. said they don’t have proof that China was behind the attacks. “We lack direct evidence conclusively linking these incidents to… the Chinese government.”

The Philippine National Police will set up a cybersecurity operation center to strengthen its capacity against cybercrime, anti-cybercrime group Director Brigadier General Sidney S. Hernia told congressmen.

Meanwhile, Senator Ana Theresia N. Hontiveros-Baraquel filed a resolution seeking a similar probe by the Senate, noting that the attacks were alarming since these could lead to surveillance of state plans in the South China Sea.

Tensions between the Philippines and China have worsened amid Chinese efforts to block Philippine resupply missions seeking to deliver food and other basic goods to a grounded ship at Second Thomas Shoal in the South China Sea.

“We do not know, but Chinese hackers might have installed malware in our Philippine Coast Guard (PCG) assets,” Ms. Hontiveros-Baraquel said in a statement in mixed English and Filipino.

“These recent cyber-intrusions threaten to compromise resupply missions to Ayungin shoal, the security of Philippine Armed Forces personnel stationed on the BRP Sierra Madre and the wider Philippine national interests in the West Philippine Sea,” she added.

China claims most of the South China Sea, parts of which are also claimed by the Philippines, Brunei, Malaysia, Taiwan, Vietnam and Indonesia. An international tribunal in 2016 voided China’s claim, which Beijing has rejected.

The Philippine Coast Guard on Monday said its website had not been hacked.

The Chinese Embassy in Manila denied that China was behind the hacking, saying speculations about its involvement were baseless and “highly irresponsible.”

“The Chinese government all along firmly opposes and cracks down on all forms of cyber-attacks in accordance with the law, allows no country or individual to engage in cyber-attacks and other illegal activities on Chinese soil or using Chinese infrastructure,” it in a statement.

“China calls on all countries to jointly safeguard cyber-security through dialogue and cooperation.”

A similar cyber-espionage operation targeted an unnamed Southeast Asian government earlier this year, Ms. Hontiveros-Baraquel said, citing a 2023 study by Palo Alto research firm Unit 42.

“The investigation we conducted revealed that what initially appeared as a single attack orchestrated by a solitary threat actor was not so simple,” Unit 42 said in the study. “It unfolded into a complex operation of multiple infiltrations carried out across three distinct clusters of activity.”

Also on Tuesday, Interior and Local Government Secretary Benjamin Abalos, Jr. said he would soon greenlight the creation of a cyber-crime training institute under the Philippine National Police’s Public Safety College.

“It already has a structure, with the Board of Trustees and all,” he told a palace news briefing after meeting with the President.

Only police personnel at the regional level are trained in cyber-crime, national police chief Benjamin C. Acorda, Jr. told the same briefing. “Although seemingly we have seen our crime statistics improve — it went down by 10% — there is a need for us to focus on cyber-crimes.”

Mr. Acorda said they have trained more than 400 officers in cyber-security. The President has ordered him to expand the training to include police stations at the local level using their 2024 budgets, he added.

The top cybercrimes in the country include swindling, with 15,000 cases in the past seven months from just 5,452 cases from December 2020 to June 2022, Mr. Acorda said.

The cost of cybercrimes to the global economy surpassed $8 trillion (P450 trillion) in 2022, according to Evolve Security, citing data from Statista. This likely increased to $11 trillion last year and could rise further to $20 trillion by 2026, it said.

Mr. Acorda said online scams are the most common cyber-crimes in the country.

The Philippines’ shopping scam rate hit 35.9%, the highest among 11 Asian countries surveyed, according to the 2023 Asia Scam report, which was based on data collected from 20,000 respondents.