DICT foils cyberattack by China hackers

MANILA, Philippines — Cybersecurity experts recently prevented the hacking of government websites and email addresses by China-based cybercriminals, the Department of Information and Communications Technology reported yesterday.

One of these cyberattacks attempted to take down the website of the Overseas Workers Welfare Administration about three weeks ago, said DICT Undersecretary for connectivity, cybersecurity and upskilling Jeffrey Ian Dy.

Based on their investigation, Dy said the hackers were from China Unicom, a Chinese state-owned telecommunications company.

While they could not yet conclude if the Chinese government was involved in the cyberattack, Dy pointed out the “threat actors” were operating from within Chinese territory.

The DICT’s information security arm also discovered espionage activities which
 impacted Philippine government Google Workspaces about two weeks ago.

The hackers targeted the email addresses of the websites of President Marcos as well as other government agencies.

“They were searching for gov.ph (domain) but they did not attack. They were just trying to identify who logs in as administrator,” Dy explained.

The hackers were able to conduct information gathering on the administrators but their activities were preempted by the government’s cybersecurity experts.

Dy said the three common hacker groups on Google Workspace – Lonely Island, Meander and Panda – are connected with Chinese hackers, based on intelligence information.

“These are believed to be advanced threat groups that operate within the ambit of Chinese territories,” he said.

The focus of the spies, the DICT official said, is to monitor the traffic flow of emails by gathering information about the administrators.

A security official who spoke on condition of anonymity said they have been monitoring China for its hacking activities in the country targeting government agencies and even financial institutions.

Dy said the hackers seem to have spent their resources on technology to cover their tracks.

He said they are not lowering their guard as those involved in the cyberattacks are professionals and different from normal hackers who can usually do their exploitation in three months.

“They conduct information gathering for years and strike when the time comes,” Dy warned.

Meanwhile, the National Privacy Commission emphasized its commitment to protect the personal data of each Filipinos, NPC commissioner John Henry Naga said.

During the exit conference of the United Nations Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression Irene Khan on Friday, Naga emphasized NPC’s efforts in data privacy and protection and its importance in relation to the free exercise of opinion and expression.

“The Marcos administration, through the NPC, is committed to protecting the personal data of our citizens and providing a conducive environment for our friends in civil groups and media to share information and express themselves freely,” Naga said. – Jose Rodel Clapano