The National Privacy Commission (NPC) has called on Filipino white hat hackers to help secure Philippine cyberspace, including the database of the national ID system (PhilSys).
“We can do a lot more to help protect the data that will come out of PhilSys processing. You can do your part in it as well as “hackers ng bayan” and indeed I strongly urge you to help government make this right. The need for your voice is now more acute. Your country needs you more than ever,” NPC Commissioner Raymund Enriquez Liboro told the crowd of local hackers who converged Thursday for the 2-day RootCon 12 Hacking Conference at Tall Vista Hotel in Tagaytay City.
The privacy commissioner believes the fastest and safest route to national digital transformation is through an active collaboration between the government and patriotic hackers.
“As the country’s leading experts on the offensive and defensive aspects of data security, you as “hackers ng bayan” or “hack-bayani” are at the center of every data protection effort. It is you who will design and implement the structures that keep our data safe. No longer will you be the unsung heroes keeping our boat afloat. You will be at the vanguard, keeping threats and hazards at bay, so that everyone’s data will remain safely private,” Liboro said.
Around 300 local “hackers of all colors” joined the RootCon 2018, from infosec professionals of the corporate world to members of the so-called “digital underground.” They welcomed NPC’s call for white hats or ethical hackers to defend the digital infrastructure of the Philippines.
Information Security Officers Group (ISOG) officers Archieval Tolentino and Dan Duplito said Liboro’s call on “hack bayani” to help the government sends a very positive signal to the Filipino hacking and security community.
“I like the idea behind “hack bayani” and I think it’s about time that we do it, especially with the NPC leading this era of [privacy] awakening for the people, and especially for hackers. It would lead to a shift in the way people see hackers,” Tolentino said.
“Aside from just looking for vulnerabilities [in government systems] I think “hack bayanis” may also help by protecting and defending government [digital interests], or even retaliate when needed,” Duplito said.
During the event, Liboro also announced an upcoming project between the NPC and the Philippine Statistics Authority called “hackBAYAN” in which at least 30 local white hats shall be enlisted to help PhilSys managers fully gauge the risks of running it, help identify potential problem areas, and implement appropriate risk reduction and mitigation strategies.
hackBAYAN is a Delphi study that runs for more than two weeks. Liboro said the results of this study will serve as a guide for securing PhilSys and provide a pattern for many similar collaborations aimed at fortifying public digital institutions.