DICT: No info compromised in reported Executive Branch hack
Department of Information and Communications Technology Ivan Uy explains in a Palace briefing that no sensitive data was compromised amid reports that the Executive Branch was allegedly "penetrated" by Chinese-state backed hackers.
Screenshot from RTVM/YouTube
The Department of Information and Communications Technology (DICT) Secretary Ivan Uy on Tuesday rejected claims of successful hacking attempts on government agencies by outside parties.
This follows a Bloomberg report that Chinese-state-backed hackers allegedly “penetrated” the Executive Branch between 2023 and 2024, stealing sensitive data related to maritime disputes in the South China Sea.
Uy acknowledged there have been attempts to access government agencies but said the DICT had been able to detect and prevent cyberattacks.
“There are always attempts to do so, and in many instances, for attacks like those, we’re able to detect early on. And when we do so, we are able to secure the database, and we’re able to secure the system so that it remains just an attempt and does not compromise some of the more sensitive data,” he said in a Palace briefing.
The DICT chief added that cyberattacks on government agencies commonly occur on “public-facing sites,” such as help desks, which are open to the public for reporting issues and concerns.
“Those open sites are really designed with minimal security because we want to allow the public to easily communicate with the different government agencies. So, in most instances, it is the first to be targeted by hackers, and we detect it and respond to it immediately,” he added.
Accessed Data Are ‘Old Data’
Uy said the data that hackers claimed to have accessed are “old systems” or “legacy systems.”
“We’ve detected that the vulnerabilities exploited were old systems [or] what we call legacy systems. These might be agencies that have not yet updated their respective software, so hackers were able to exploit them,” he said.
Uy explained that these “old data” were being reposted by hackers while claiming to have accessed government sites.
“One of the examples of this is hackers [who] hacked a government agency back in 2020 and claimed to get this information, so they will repost it again today, and they say, ‘look, we hacked something,’” he said.
He noted that the DICT then challenged these “hacking” claims by posting the material they obtained.
“We challenge them. Post it! What did you get? Either they do not post anything because they didn’t get anything, or if they post, we see that these are dated [or] all old data,” he said.
‘More Frequent Cyber-attacks’
Uy said cyber-attacks will be more frequent this year as the midterm elections approach.
“We have detected [a] significant increase in many of the probing of the attacks, especially as we come closer to the elections this coming May. What’s happening is more fake information or disinformation is being perpetrated on social media. There are attempts at compromising certain infrastructure like websites… They are trying to deface websites or try to introduce malicious software into all of these sites,” he said.
On a daily basis, the DICT said it “repels” hundreds of thousands of cybersecurity attack attempts in the Executive Branch, the Legislative Branch, and the websites of lawmakers, who are also candidates, in the House of Representatives or the Senate.