DICT says it foiled 5.4-M cyber attacks

The Department of Information and Communications Technology (DICT) has reported a significant surge in cybersecurity threats, saying it prevented approximately 5.4 million malicious attempts against 32 government agencies connected to national security operations in 2024.

DICT Undersecretary for Cybersecurity Jeffrey Ian Dy told reporters Saturday that of the 60 advanced persistent threat (APT) groups deterred, more than half were linked to Chinese entities.

He added that smaller groups from Russia, North Korea, and other Eastern European countries were also detected.

APT attacks involve sophisticated and prolonged infiltration of networks to extract sensitive information. The intrusions can lead to intellectual property theft, exposure of confidential data, and even the sabotage of critical infrastructures.

According to Dy, DICT processed 2,500 cybersecurity cases in 2024, with 60 attributed to state-level hackers employing advanced techniques.

“When we say advanced persistent threat groups, these are state-level types of hacking, the super-complicated ones,” he said in Filipino.

Government and private entities alike had been victims of cyber attacks. In April 2024, the National Privacy Commission reported a breach at the Department of Science and Technology affecting around 600 employees.

Private companies such as Toyota, Robinsons, and grocery chain S&R also suffered hacking incidents last year.

A survey by cyber defense firm BlueVoyant found that 84.5 percent of Philippine organizations experienced cybersecurity breaches in 2023. Additionally, 24 percent of the respondents admitted to having no means to detect the threats, highlighting major visibility challenges.

Apart from cyber threats, the DICT has also raised concerns about the transformation of former Philippine Offshore Gaming Operator sites into scam hubs that could be used as troll farms for the upcoming 2025 midterm elections.

Dy warned that the hubs, previously known for targeting victims with job scams and romance frauds, may now shift towards influencing political discourse through social media.

“This is a big operation, and we believe that the same facilities could be used as troll farms to influence our elections because they are utilizing social media,” Dy cautioned.

He emphasized that while social media is primarily used for sharing opinions, job postings and engagement, it can also be weaponized for political manipulation.

“If you can use social media to post jobs, air your opinions and boost engagement, what can stop you from doing the same for political machinations?” he said.

With these developments, Dy suggested that regulating social media platforms may be necessary to curb fake news and disinformation.

The House of Representatives’ tri-committee has recently launched an investigation into cybercrimes, fake news and disinformation, aiming to hold online propagators accountable.

As cyber threats and digital misinformation continue to evolve, the DICT said it remains on high alert to safeguard national security and ensure the integrity of the electoral process.