Movement

Expectedly, as we enter the last week of campaigning, the negative campaigns are in full stride.

The biggest target of negative campaigning, for obvious reasons, is Rodrigo Duterte. The Davao mayor has pulled away from his rivals, at least as far as the voter preference polls are concerned.  The only option left for the losing candidates is to go for the lucky punch and hope the Duterte campaign will collapse in the last days of the campaign.

The recent wave of attacks against Duterte will not likely stop his surge. First, the attacks come too late in the game. Most of his voters have already made up their mind.

More important, the Duterte candidacy is an unusual one. The candidate is less important than the movement that sprung up around this particular candidacy. It is a self-propelling movement. The candidate is merely catalyst for this movement.

It is testimony to the weakness of our political party system that the conventional campaigns are failing to deliver victory to their candidates. In this contest, the conventional parties will be bulldozed aside by a strong social movement articulating rebellion against a social and political arrangement that betrayed us at every turn.

The genius of Duterte’s team is that they realized early enough that only a genuine political movement can dominate a multi-sided contest. For the movement to gel, the message must be simple and shrill. In the case of Duterte, the power of the message is amplified by the force of his personality.

Let the oligarchs tremble in their shoes. The movement has formed. It has become an unstoppable force. No amount of derogatory campaigns directed against the person who catalyzed this movement will hold it back.

One cannot analyze the Duterte phenomenon by the traditional metrics of conventional campaigns. There is no need to count the number of local politicians aligned with the candidate. That is nearly irrelevant.

Even demographics have become irrelevant. Duterte draws support across all age brackets and income levels.

This is no longer a Mindanao-based candidacy. Duterte’s support in the metropolitan area is nearly as strong as it is in his island bailiwick.

The dynamic of this campaign needs to be analyzed using the concepts and metrics normally applied to the understanding of social movements: the narratives that drive them, the definition of the enemy, the strength of empathy among those who are part of the movement.

We noticed early in the campaign how supporters brought their own shirts to be marked with the candidate’s name. In the street where I live, food vendors and stall owners have hand-made Duterte posters mounted.

There are strong grassroots initiatives. This is the antithesis to the patronage-driven campaigns of his rivals.

People have simply become sick and tired of politics-as-usual – and of the political class that is responsible for this. There is a rebellion in progress.

Firewall

Shortly after the Comelec database was hacked, there were attempts to break into the information systems of the Bangko Sentral ng Pilipinas (BSP).

The attempts to hack into our central bank was, according to BSP spokesmen, successfully repelled. Thank heavens, our central bank has a stronger firewall than the Bangladesh Bank.

This should not be reason to be complacent, however. The hackers trying to break into bank vaults using bank computer systems are a clever lot. They will continue to probe the defenses and attempt to find vulnerabilities.

Swift, the financial transaction system linking 11,000 banks worldwide, in the wake of the hacking of Bangladesh Bank, issued an advisory telling its customers to install a mandatory upgrade for the Alliance Access interface software used to communicate transactions among themselves. Swift processes 25 million messages each day involving billions of dollars in fund transfers among its client banks.

After the Bangladesh Bank heist, where $81 million stolen money flowed to Philippine launderers, there is increased vigilance over the cyber security of bank information systems. In this age of gifted hackers, no bank can feel fully safe.

FireEye, a cyber security company hired for the investigation of the breach in Dhaka, announced it had “observed activity in other financial services organizations that is likely by the same threat actions behind the cyber attack on Bangladesh Bank.” In plain English, we are told that the same gang behind the $81 million heist is still active and casing their next victim.

The gang behind that startling heist managed to send 35 fake orders from Bangladesh Bank via Swift to the central bank’s account at the Federal Reserve in New York. Had they not been intercepted, the hackers were trying to take out a total of $951 million from the Bangladesh Bank.

Recently, investigators think they have found the malicious software used as the “toolkit” by the hackers who broke into the bank’s systems. The key file is just 65 kilobytes in size and named evtiag.exe.

The malware, according to investigators, registered itself as a service and operated inside the Swift’s Alliance Software suite. The malware was able to delete records, allow transactions and alter records. A software upgrade will “kill” the malware that facilitated the Dhaka heist.

The most important vulnerability, according to investigators, is Bangladesh Bank’s own system. Investigators have found that not only does this central bank have no cyber security firewall to speak of, it used second-hand $10 switches to link the bank’s computer system to the Swift network.

It should be worrying that hackers today are able to trick bank computer systems by opening outgoing connections, making the firewall irrelevant since it protects against incoming fake transactions.