PRESS STATEMENT ON GOVERNMENT CYBERHACKING

The DOST- Information and Communication Telecommunications Office (ICTO) –note with concern the spate of cases of cyberhacking of Philippine government websites. Although neither sensitive data has been stolen and used for malicious intent, nor public services paralyzed, the increasing occurrence of attacks is a concern that is not being taken lightly by the government.

On the internet, hacking and cyberattack attempts “goes with the territory” -- there will always be unscrupulous individuals attempting to hack into or attack websites and online systems. Therefore, the key solution has been and always will be better security. Unfortunately, most of the cyberattacks on government are due in part to websites and systems that are developed in-house using coding practices that are below standards and best practices and did not undergo rigorous security testing which may mitigate or prevent common security attacks such as SQL injection and cross-site scripting. There are also many cases of government agency networks which do not have a firewall, or do have a firewall that are not configured properly.

The DOST-ICTO therefore advocates and promotes (1) increased awareness of the threat of hacking and cyberattacks, (2) capacity building of government website administrators to develop, maintain, and monitor secure websites, systems, and networks that will be immune to hacking and cyberattacks, and (3) knowledge sharing of best practices between and among experts, practitioners, and service providers in the Philippines government and the private sector internet community.

It is difficult to stop hackers from initiating attacks, but through concerted effort by government website administrators and experts in the public and private sector, the success of such attacks can be mitigated or thwarted altogether.

We affirm our support to the immediate passage of the cybercrime bill and data-privacy bill. We believe that these bills when enacted would solidify government policy as regards these threats and deter crimes committed using cyberspace. Beth Padilla, Public Affairs Unit, CRPD-STII, DOST