BORACAY ISLAND, Aklan — The country’s fintech giant, GCash, has found an ally in the unauthorized transactions controversy it is involved in, as an official of cybersecurity protection and software Palo Alto Network stressed that even if you put the best cybersecurity blanket on your organization, still no system is perfect.
“As we all know, no system is perfect at the end of the day, as organizations are all vulnerable to bad incidents that may happen. What’s important is they acknowledge the issue and recover from whatever happened. It’s just like what happened to CrowdStrike. No one wanted that to happen,” said Palo Alto head of Technical Solutions, Jobert David, in an exclusive interview during the CXO Summit here organized by VST-ECS and attended by global ICT brands.
Over the weekend, numerous GCash subscribers, including showbiz personality Pokwang, ranted on social media after their money went missing from their GCash accounts, transferred to numbers they didn’t know.
While in July 2024, the cybersecurity firm CrowdStrike pushed a security software update for one of its products and caused a widespread IT outage that significantly affected a variety of industries, from airlines to hospitals and beyond.
Attackers more advanced
David admitted that most cybercriminals nowadays are more sophisticated compared to the companies offering cybersecurity.
“It’s sad to say that more often than not, attackers are more advanced than us, we have to admit that. They also use artificial intelligence. That’s the reason we keep educating and evangelizing people out there that AI should be utilized in the best way so that they are not harming organizations. But cybersecurity firms are equipped with AI capabilities to fight these more advanced cybercriminals as we cannot use a gunfight using a knife,” David said.
GCash has various cloud providers, one of which is Alibaba Cloud, mainly to overcome technical challenges and adopting a mix of solutions including IaaS, the MaxCompute data warehousing platform, the Elastic MapReduce big data platform and a Web Application Firewall.
On Thursday, GCash, in a statement, said it had completed, as of 13 November, the necessary wallet adjustments to its affected users.
“Rest assured that customer accounts are safe, and customer account security will always be our top priority. GCash is here to assist its customers. Users are encouraged to reach out to the official GCash Help Center at https://help.gcash.com/hc/en-us, or via customer service chatbot Gigi on the GCash app by typing ‘I want to report a scam.’ Users may also call the GCash hotline at 2882,” the fintech company stated.
Further, GCash stressed that it remains steadfast in its mission to deliver reliable and secure financial services.
“We are committed to enhancing our systems and procedures to prevent similar incidents and to continue safeguarding all transactions. We will continue to work with relevant law enforcement agencies to investigate these incidents, and we encourage our users to remain vigilant against scammers,” it said.
On Wednesday, GCash’s Gilda Maquilan, vice president for Corporate Communications and Public Affairs, said the glitch was a “product issue” that started on 8 November with its “Send Ang Pao” product, which allows subscribers to send money to multiple users for gift-giving on occasions like Christmas.
On Monday, Makabayan bloc lawmakers filed House Resolution No. 2068 seeking an investigation into unauthorized transactions and financial losses that happened, saying that GCash’s response of “errors in an ongoing system reconciliation process” was insufficient.