PH open to collab with China, other nations to address hacking: DICT

By Raymond Carl Dela Cruz and Ruth Abbey Gita-Carlos

February 8, 2024, 1:53 pm Updated on February 8, 2024, 3:20 pm

<p><em>(File photo)</em></p>

(File photo)

MANILA – The Philippines welcomes possible collaborations with other countries like China to address hacking attempts on government websites, Information and Communications Technology Secretary Ivan John Uy said Thursday.

“We are open to working with everybody,” Uy said in a Palace press briefing, as he acknowledged that Mandarin speaking nations such as China, Hong Kong, Taiwan, and Singapore are also being targeted by cyberattackers.

“There are many criminal organizations, mercenaries, cyber hackers hiding in different countries and using their talents in bad ways. So, coordination among different countries is important to work together and go after these groups,” he added. 

His statement came following the alleged Chinese hackers’ recent attempt to infiltrate various Philippine government agencies, including the Philippine Coast Guard.

While the cybersecurity attack “has been ongoing even before [the Marcos administration] came into office,” Uy said the government is taking the issue “very seriously.”

Uy said China had also reached out and expressed willingness to collaborate with the Philippines to prosecute the “very innovative” and “very smart cybercriminals.

“We have been monitoring our regular probing and regular threats coming from all sectors from criminal organizations and many threat actors in the world,” he said.

“We actually have built up more competencies in detecting early on, any of those attempts to hack into not just government systems, but also private corporations. There have been some private institutions that were also compromised by ransomware,” Uy added. 

Uy noted that around 600 persons were recently arrested during a raid in a scam center in Pasay City, adding that 200 of them are Chinese nationals. 

‘Comprehensive’ plan

Uy said the Department of Information and Communications Technology (DICT) also presented to President Ferdinand R. Marcos Jr. the “comprehensive” National Cybersecurity Plan (NCP) covering 2024 to 2028.

He said the National Cybersecurity Plan will serve as a blueprint that provides policy direction and operational guidelines to build up the country’s cybersecurity posture “vis-à-vis the rest of the world.”

He said the cybersecurity plan was crafted following consultations with different stakeholders both in the public and private sectors, as well as the academe.

“We also compared it with the cybersecurity plans of all the other countries to see where the thrust has been in terms of addressing the increasing cyber threats. So the plan is comprehensive, and it mainly addresses the need to develop good policy in order to ensure a safe cyber landscape for the country,” Uy said.

Uy said the plan also identifies cyber assets and incorporates advanced threat assessment, as part of the “proactive approaches” to thwart possible attacks.

He added that the training and capacity-building for cybersecurity would be intensified “on a massive scale.”

“Because of this gap on cybersecurity, we’re hoping that by building up our capacity on cybersecurity, other countries would come and access our talents. So, you know, the salary in the cybersecurity arena is quite good. In most cases, the salary is higher than any Cabinet secretary. So it’s a very, very lucrative profession and the hiring is there,” he said. 

“It’s really a seller’s market, and so a lot of large companies are hiring; the cybercriminal organizations are also hiring. And so there’s a competition for talents and, you know, Filipinos are known to be digital natives. We love our gadgets. We love our technology and so, I think, you know, developing the right skills to address this growing challenge is just correct,” Uy added. 

NCP to develop defense policy, IT workforce

Uy said the NCP would help steer the country’s digital landscape into developing good cybersecurity policy as well as enhancing the cyber workforce.

“The NCP is a document that provides policy direction as well as operational guidelines on how to build up our cybersecurity posture, vis a vis, the rest of the world,” Uy said.

The NCP will help develop a good policy toward a “safe cyber landscape” through the identification of cyber assets in need of protection, and the development of quick response mechanisms against cyber threats across all government agencies in different sectors.

“Whether it's energy, transportation, or finance, they can come together and address quick responses in case there are any attacks or any attempts, a good coordination mechanism so this information is shared,” Uy said.

To help stop cyberattacks before they happen, he said the policy also involves advanced threat assessments through obtaining information from international partners.

“If an attack happens on a bank in another country, then we have information exchange programs with our computer emergency response teams that can share that information so we can proactively advise our banks here,” he said.

He noted that cybercriminals often take advantage of the same vulnerability on different targets, making it vital to be knowledgeable on past cyberattacks in other countries.

Meanwhile, he said the NCP is developing the country’s cyber workforce through capacity-building and upskilling, particularly on cybersecurity to boost the country’s cyber defense as well as increase the marketability of the country’s large pool of young workers.

Since the Covid-19 pandemic, Uy said there has been a boom in demand, with around two million job vacancies for cybersecurity today.

“They moved their businesses online and there was a big surge in e-commerce, online payments, e-wallets, and online bank accounts,” he said.

In the next two decades, he said the Philippines will be one of the countries with the largest and youngest workforce -- averaging at around 24 to 25 years old.

“So, we are intensifying on a massive scale our training and our capacity building for cybersecurity, AI, and many of them emerging technologies, among our digital workforce,” he said.

He noted that cybersecurity is a very lucrative profession that offers some of the largest salaries while also being in massive demand.

“There's a competition for talent, and Filipinos are known to be digital natives, and I think developing the right skills to address this growing challenge is correct,” he said.

Other projects under the NCP include information campaigns to arm the public with the knowledge to avoid scams and other cyber threats.

Digital nat'l IDs

Amid hacking attempts on government websites, Uy assured the public that cyber mercenaries are not capable of accessing sensitive information of digital national ID holders. 

This, as he noted that the DICT has so far generated around 56 million digital national IDs for Filipinos who are still waiting for their physical cards.

Uy advised the digital national ID holders to download the eGovPH application to make sure that the details about them would not be compromised.

“We have put that app into a lot of testing. So, we’ve actually even hired professional hackers to hack and even put up rewards; whoever is successful, we’re gonna give them the reward. So far, wala pa naman (there is none),” Uy said.

“The app has gone through a lot, not just locally pati (but also) international cybersecurity organizations that do vulnerability assessment testing, penetration testing,” he added. (PNA)