The fresh attempt to hack government websites emanating from China is “alarming and outraging,” said Senator Grace Poe on Sunday.
While the , the Department of Information and Communications Technology foiled the intrusion try on the Overseas Workers Welfare Administration website, Poe noted the incident was a stark reminder that cyberattacks have become bolder and more relentless.
“Concerned government agencies should take a cue from the findings of the DICT on the suspected source of threat actors on our privacy and security,” said the chairperson of the Senate committee on public services.
Fortifying website firewalls and systems, she said, should be the task of all agencies maintaining an online presence.
The senator also emphasized that all means should be explored to keep the people’s data secure and uncompromised.
Over the weekend, the United States said it successfully dismantled a China-based hacking network known as “Volt Typhoon”, accusing it of infiltrating critical US infrastructure networks with the goal of disabling them in the event of conflict.
The group—active since 2021—is allegedly primed to cripple sectors spanning communications, transportation and government.
The US Federal Bureau of Investigation has said that China has the biggest hacking program of any country.
Beijing has dismissed the claims as “groundless”—and pointed to the United States’ own history of cyber espionage.
The DICT on Saturday reported that their cybersecurity experts successfully blocked various hacking attempts coming from within China in a cyberattack that targeted various government email addresses, including that of the Philippine Coast Guard (PCG) and the private website of President Marcos.
Other digital assets reportedly targeted were Google Workspaces, specifically the domain administrators of the Cabinet Secretary, the Department of Justice, and the Congressional Policy and Budget Research Department of the Congress.
“We were able to detect that the attackers were coming from China Unicom. So, I think we will need to coordinate with them so that they can help us in this investigation,” DICT Undersecretary Jeff Ian Dy said during the Saturday News Forum in Quezon City.
China Unicom is a Chinese state-owned telecommunications operator. The cyberattack also tried to breach email systems and internal websites of several government agencies that used Google Workspace in a bid to gather information.
Dy said the DICT and Google believe at least three “advanced threat groups” were behind the attack, which he said could also be classified as “cyber espionage” as the motivation was to “gather information.”
Dy, however, clarified the DICT is not accusing China of involvement, only that it found out that the “threat actors were operating from within Chinese territory.”
“These did not push through, but they were a type of brute force attack aimed at taking down our Overseas Workers Welfare Administration or OWWA,” he added.
Dy said the hacking attempt was first reported by Google two weeks ago. The attack on the OWWA website happened earlier and had a different perpetrator whom the DICT traced to be operating in China.
He said the government would need to coordinate with Beijing regarding the attempted hijacking.
Dy also highlighted spyware or espionage activities, potentially perpetrated by threat actors or advanced threat groups detected by Google’s tactical information security arm.
These activities were associated with state-backed cybersecurity actions, targeting government email addresses, specifically those of the Coast Guard, the National Coast Watch (NCW), and the DICT.
Dy also identified current threats, including those posed by hackers, artificial intelligence-generated (AI) robocalls, and the vulnerability of the country’s submarine cables, crucial for the operations of the business process outsourcing (BPO) sector.