Speaker Ferdinand Martin G. Romualdez on Monday called for an immediate briefing from the Department of Information and Communications Technology (DICT) on the recent cyberattacks on several Philippine government websites purportedly from Chinese hackers, saying this was an issue on national security.
Meanwhile, the Philippine Coast Guard on Monday assured the public that its website is secure following reports of attempted cyberattacks over the last month.
In a statement, PCG spokesperson Rear Admiral Armando Balilo said an investigation into the possible hacking of their website began a month ago after the DICT reported the attempt to break into their website.
“So far, we have not monitored anything. Our website remains secure,” Balilo said.
DICT Undersecretary for connectivity, cybersecurity and upskilling Jeffrey Ian Dy reported that cybersecurity experts prevented the hacking of government websites and email addresses by China-based cybercriminals, and that one of these attacks was an attempt to take down the Overseas Workers Welfare Administration (OWWA) website.
“I express deep concern regarding the recent cybersecurity breaches in government agencies, as reported by the DICT. The revelation that hackers, suspected to be operating from China, have infiltrated the email systems and internal websites of various government agencies, is a matter of national security and public interest,” Romualdez said.
“The fact that these breaches have targeted critical domains such as cabsec.gov.ph, coastguard.gov.ph, cpbrd.congress.gov.ph, dict.gov.ph, doj.gov.ph, and ncws.gov.ph, in addition to the private domain of President Ferdinand “Bongbong” Marcos Jr, signifies a dire need for an immediate and comprehensive response,” the Speaker added.
The leader of the 310-strong House of Representatives said that the Philippines should not allow these cyberattacks on government websites to go unchecked.
“An attack on our internet systems is not only a threat to our government but also a robbery of our own home. We must not miss it and we must fight it,” the lawmaker from Leyte said.
“In light of these alarming developments, I am calling on the DICT and other concerned agencies to conduct a thorough briefing for the House of Representatives. This briefing should focus on the nature and extent of these cyber-attacks, the current measures in place to prevent future incidents, and strategies for enhancing our cybersecurity infrastructure,” Romualdez stressed.
He said the briefing could be done in the House as soon as possible, most probably this week, and will be conducted by the House committee on public information and the House committee on information and communications Technology chaired by Reps. Joboy Aquino and Toby Tiangco, respectively.
“I propose that this briefing be conducted in an open hearing… Transparency in this matter is crucial as it affects not just the integrity of our government’s digital infrastructure but also the safety and privacy of our citizens,” Romualdez said.
“Furthermore, this incident reminds us of the urgent need to strengthen our cybersecurity policies and protocols. We must ensure that our national cybersecurity strategies are robust enough to withstand such attacks and agile enough to adapt to the evolving digital landscape,” he added.
“The House of Representatives stands ready to support any legislative action necessary to enhance our cybersecurity and protect our nation from such digital threats. We take this matter with utmost seriousness and urgency.” PCG Commandant Admiral Ronnie Gil Gavan instructed the Coast Guard’s Public Affairs Services to coordinate with the DICT to ensure that their firewall can thwart cyberattacks.
“While the website is for public consumption, we do not want hackers polluting our site with fake news and making it appear that we authored the spread of falsehoods. We must also protect the site from computer viruses,” Gavan said.
DICT’s Dy said the “command and control” of the cyberattack was operating from within China.
“We were able to detect that the attackers were coming from China Unicom. So, I think we will need to coordinate with them,” Dy said.
He said the possible involvement of the Chinese government in the attack cannot be ascertained.
He said other targets of threat actors associated with “state-backed” cybersecurity activities include government email addresses particularly the Philippine Coast Guard, National Coast Watch and the DICT.