DICT: Chinese hackers targeted PCG

The Department of Information and Communications Technology (DICT) said a Chinese Advanced Persistent Threat (APT) group was likely responsible for recent cyberattacks targeting the Philippine Coast Guard (PCG).

In an interview with Palace reporters on Wednesday, DICT Undersecretary Jeffrey Ian Dy acknowledged previous reports of the attack.

An APT is a sophisticated cyberattack meant to damage a target network over time or steal private information.

APT groups are usually made up of well-funded skilled cybercriminals who go after important companies, including government agencies.

“We attributed this to Mustang Panda APT. Our allies agreed with us; we shared our findings with them. The tactics, techniques, and procedures (TTPs) — it’s not about IP addresses just to be clear,” Dy said.

“Like I said, attribution is a very difficult and very complex process. But we believe that the TTPs, which means the behavior of the attacker, was very, very similar to APT 41 or Mustang Panda, which is a Chinese APT,” he said.

Dy said the DICT collaborates with other government agencies and the National Cyber Security Interagency Committee, chaired by Executive Secretary Lucas Bersamin, before making public pronouncements.

The committee includes representatives of various government agencies, including the Department of Justice, Department of the Interior and Local Government, Philippine National Police, Bureau of Immigration and the Presidential Communications Office.

Dy emphasized the distinction between the attacking group and the Chinese government itself.

“Let me clarify, I never said it’s the Chinese government. I’m just saying that it’s Chinese APTs or advanced persistent threats,” Dy said.