黑料社

MANILA, Philippines 鈥� The country鈥檚 very own cybersecurity watchdog became the recent victim of a system breach by an entity identifying itself as 鈥減h1ns,鈥� which also left a warning about another imminent cyberattack.

Department of Information and Communications Technology (DICT) Assistant Secretary Renato Paraiso, in a virtual briefing on Tuesday, confirmed that the website of the government agency鈥檚 Disaster Risk Reduction Management Division (DRRMD) was defaced but it was able to regain control in less than an hour.

鈥淸This] attack is not only to mock DICT鈥檚 reputation but also to strengthen the country鈥檚 cyberdefense by humiliating them,鈥� ph1ns posted on the website during its attack.

READ: 3 suspected hackers caught, tech journalist implicated

The hacker group advised the government agency to perform 鈥渢horough tests during and after the development of your applications, websites, etc.鈥� to strengthen its firewall.

鈥楶orous鈥� system

In addition, ph1ns told the DICT to beef up its IT personnel to be suited to fend off cyberattacks.

鈥淵ou鈥檙e my best buddy, DICT. I鈥檒l be back. See you soon,鈥� it warned.

Paraiso downplayed the cyberattack, explaining that it did not reach the government agency鈥檚 central system.

The DRRMD is an external unit of the DICT, Paraiso said, as he also explained that its system was designed to be 鈥減orous鈥� or built with fewer firewalls to allow the quick flow of disaster-related information during emergencies. Less firewalls mean a higher vulnerability against cyberattacks.

Apart from defacement, he said the hacker was able to exfiltrate some employee data amounting to 鈥渓ess than 5 megabits,鈥� which he described as a small amount. Nevertheless, Paraiso said they had reached out to the National Privacy Commission regarding the incident.

The DICT has been dealing with recent major cyberattacks against government agencies.

Before this, it confirmed that 2-terabytes worth of Department of Science and Technology (DOST) data鈥攊ncluding research plans, schematics, and designs鈥攚ere compromised.

This resulted in the DOST being locked out of its system, meaning it could not access the said data. The cyberattack was expected to delay the approval of pending patents and other DOST research and development initiatives, Paraiso said earlier.

Also targeted by cybercriminals was the reporting system of the Bureau of Customs (BOC), which serves as a communication line among the bureau鈥檚 units. The data that was potentially compromised included information about cargo movements being monitored by the government agency, Paraiso explained.

The investigation for the DOST hacking is ongoing. As for the BOC, Paraiso said they were able to regain control of the system, which is being upgraded to strengthen security.

Firewalls check

Amid the onslaught of cyberattacks against government agencies, cybersecurity firm Kaspersky stressed the need for regular assessment of their firewalls to shut out bad threat actors from their systems and keep sensitive information safe.

The cybersecurity expert said government agencies must always remind their staff to store sensitive data only in trusted cloud storage that requires authentication for access.

This also serves as a reminder for employees who use personal devices for work, as these could be entry points for hackers.

For the immediate response, Kaspersky鈥檚 general manager for Southeast Asia, Yeo Siang Tiong, told the Inquirer earlier that the first thing always to do was to change passwords.

Then, the hacked organizations must 鈥渁ssess the reach of the attack and implement a detection and response strategy,鈥� he added.

Government agencies are attracting cybercriminals because they hold vast amount of significant data, including personal information, which can be exploited by hackers for financial gain.