Philippines urged to strengthen cybersecurity infrastructure

MANILA, Philippines — The Philippines must improve its cybersecurity resilience and infrastructure to address emerging digital threats that are becoming more complex over the years, according to tech giant Microsoft.

Microsoft recently released its annual Digital Defense Report, which examined the evolving global threat landscape by looking at the most relevant and pressing cybersecurity issues.

“Cybercrime has grown more intricate over the years. We are seeing attacks that are much faster, more deliberate and smarter,” Microsoft Asia-Pacific chief cybersecurity advisor Abbas Kudrati said.

“The trillions of data signals we analyze from our worldwide ecosystem of products and services reveal the ferocity, scope and scale of digital threats across the globe,” Kudrati added.

Cybercriminals continue to act as sophisticated profit enterprises, Microsoft observed, noting how attackers are finding new ways to implement their techniques and increase the complexity of how and where they host campaign operation infrastructure.

The report identified ransomware and phishing as two of the most rampant forms of cyberattacks, amplified by activities that originate in a specific country with the apparent intent of furthering national interests.

Ransomware is a form of cyberattack that involves threatening the publication of the victim’s personal data if the ransom is not paid while phishing is one that involves stealing user data, such as passwords and credit card information.

Microsoft noted a 74-percent increase in the number of estimated password attacks per second over the past year, many of which were fueled by ransomware attacks.

There has also been a steady year-on-year increase in phishing emails.

The report said monitored attacks increased by over 300 percent worldwide, with over 710 million phishing emails blocked weekly in 2021 alone.

To minimize risks and losses, Microsoft stressed the need for governments and organizations to have a solid cyber resiliency foundation.

“Given the increase of rampant cyberattacks, we cannot guarantee 100-percent security against cybercrime. However, we need to start thinking about how we can create a more resilient environment,” Kudrati said.

“Organizations need to develop a plan that focuses on minimizing the impact and improving recovery time against attacks. It is crucial for them to find the right technology to keep them protected and resilient,” he added.

Microsoft recommended to the Philippine government to implement programs and initiatives to minimize cybersecurity threats.

Among specific programs that the tech giant recommended were assessing the feasibility of adopting zero trust principles, protecting the country’s critical infrastructure through consistent security baselines, strengthening incident response and recovery through a reporting obligation, and building interoperability and cooperation to address the growing threat of cybercrime.

It also recommended advancing information sharing for cybersecurity deference and response, leveraging hyperscale cloud technology to improve cybersecurity and operational resiliency, fostering enhanced supply chain security, and enhancing cybersecurity transparency and assurance through certifications and labels.

Other recommendations included strengthening the Internet of Things security, responding to new and ongoing artificial intelligence security risks and opportunities, and advancing 5G infrastructure security.

“The Philippines ranked 61st out of 194 countries in the ITU Global Cybersecurity Index. If you probe a bit deeper, one of the pillars we need to improve on the most is organizational measures, which refer to the nation’s cybersecurity strategy and its implementation,” Microsoft Philippines’ national technology and security officer Dale Jose said.

“It is more crucial than ever to develop a better cyberdefense posture in the country as it is fundamental to establishing stronger grounds for digitalization. Now, we put the Microsoft Digital Defense Report into the Philippine context and discuss action points that the government must prioritize to prepare for, respond to and recover from cyberattacks and security breaches,” Jose added.

Microsoft reiterated its commitment to partner with the government and other stakeholders to foster collaboration, share knowledge and further build strength in security for organizations nationwide.

“Microsoft has been a partner to the Philippines for nearly 30 years, and we will continue to do so even as technology evolves and changes the world we live in. We are committed to helping organizations work toward a more secure and resilient future,” Jose said.