Is the national security now compromised?
This question cropped up yesterday after the National Bureau of Investigation (NBI) Cybercrime Division arrested three “persons of interest” allegedly responsible for hacking the websites of the Armed Forces of the Philippines (AFP), National Security Council (NSC), and several banks.
In a press conference on Friday, the NBI said that those arrested were members of hacking groups Philippine Lulzzec and Globalzec. One of the hackers reportedly is a data officer of a prominent media outfit in Manila.
The media outfit, it was learned, has for one of its executives a former official of a previous administration who has close ties with Beijing. China and the Philippines are currently involved in a tug of war over several features in the West Philippine Sea.
The two others arrested are cyber security researchers of a company at Bonifacio Global City.
According to a source in the NBI, the data officer divulged that the IT editor, Arturo Samaniego Jr., allegedly ordered him to hack websites so he would have content for his column, news articles, and social media platforms in one of the country’s oldest media outfits.
After the NBI arrested the hackers, the agency said they will give Samaniego an opportunity to comment on the accusation. The IT editor had earlier issued a public apology for conducting vulnerability tests on another newspaper of major circulation in 2005.
The three hackers could be charged under the Cybercrime Prevention Act of 2012 as well as for Unauthorized Access or Intentional Breach under the Data Privacy Act.
The NBI source said the names of the arrested suspects were being withheld while the inquest proceedings and investigation were ongoing.
The NBI is preparing a case against Samaniego, who also holds the position of senior technology officer at the newspaper. The editor has denied the accusations, asserting his longstanding collaboration with government agencies in cybersecurity.
The suspect alleged that Samaniego began instructing him on which websites to hack in 2019, shortly after he was hired by the newspaper.
There has been no official statement from the newspaper regarding the arrest of its officer and the allegations made.
The suspect said he was instructed by Samaniego to hack the online app of the political coalition 1Sambayan before he was apprehended.
Digital evidence
The NBI said they were gathering digital evidence for the case and plan to issue a subpoena to Samaniego in due course.
NBI Cybercrime Division Chief lawyer Jeremy Lontoc said they will allow the IT editor to address the allegations.
The arrests by the NBI-Cybercrime Division on 19 June were part of Director Jaime Santiago’s vow to crack down on cyber criminals since he assumed the leadership of the NBI.
The investigation revealed that three individuals were arrested for unauthorized access attempts and breaches of private and government websites, including at least four banks.
Fears that national security may have been breached stemmed from the discovery of sleeper cells in a Philippine Offshore Gaming Operators (POGO) hub in Porac, Pampanga where uniforms of People’s Liberation Army officials were also discovered.
Espionage raps have been filed against a key provincial official in an ongoing Senate hearing on POGOs.
Lontoc said they tracked the hackers’ movements and monitored their online activities to establish patterns and connections linked to their operations.
Except for the IT officer, the other alleged hackers targeted banks.
“One of the hackers is a cybersecurity researcher at a major company in BGC. I prefer not to disclose the name because it’s under investigation. The other suspect is a graduating student who was formerly a member of Pinoy Lulzsec,” Lontoc said.
However, Lontoc revealed their most alarming discovery: data from a device linked to an alias “Illusion” contained thousands of bank credentials including usernames, passwords, and OTPs (one-time passwords). At least four banks were targeted.
“We will verify with these banks to confirm the existence of this data, as it could potentially be exploited by scammers,” Lontoc said.
In a press release, the NBI said that initial contact with the suspects was made on 14 June through an informant, which led to their arrest on 19 June at a hotel in Manila. Inquest proceedings took place on 20 June.
They are facing charges of Illegal Access under Section 4(a)(1) and Misuse of Device under Section 5(iii) of RA 10175 (Cybercrime Prevention Act of 2012), as well as Unauthorized Access or Intentional Breach under Section 29 of RA 10173 (Data Privacy Act of 2012).
The third suspect, known as “Allan 10k,” will face charges through direct filing.
NBI Director Santiago said this operation marked just the beginning of a series, promising more to come.
“This is just the start; we have several operations lined up. Scammers and cybercrime hackers, prepare yourselves because we’re coming after you,” he said.