Consumer advocacy group CitizenWatch Philippines is urging the government to partner with the private sector in adopting a cybersecurity posture to protect the country’s critical infrastructure sector.
“The country’s critical infrastructure sectors must be adequately and pro-actively protected against cyberattacks as the government aggressively pushes to accelerate the expansion and upgrade of digital infrastructure,” said Atty Christopher “Kit” Belmonte, co-convenor of CitizenWatch Philippines.
Belmonte als warned that “critical infrastructure systems such as energy, transportation, finance, water, food, agriculture, healthcare, and emergency response all rely on information and communications technology to operate. Cyberattacks can cause disruptions that significantly impact public safety, security, economic stability, or public health.”
“The PhilHealth ransomware incident is a painful reminder that cyberspace is never a space safe, because hackers and other nefarious actors threaten to negate our gains in transitioning into a digital economy,” said Belmonte.
“Cyber-attacks have tangible costs – ransom paid, downtime, lack of productivity, the breach of personal information of millions, threats of exposure, not to mention the erosion of citizens’ confidence in our systems and institutions.”
The former lawmaker added that firms also have to bear the economic costs of repairing their infrastructure damaged by cyberattacks.
“Worse, cyberattacks on critical infrastructure by state or nonstate actors can undermine national security and disrupt economic activity and our way of life.”
Belmonte said that hackers are always trying to be one step ahead of organizations and institutions, so the challenge is to arm ourselves, individually and collectively, for better protection.
“Sometimes it could be as simple as good housekeeping, ensuring our antivirus tools are updated and paid for. It could also be the constant education of our users to prevent them from falling prey to social engineering schemes,” he said.
“Through AI, attacks could now read and sound like real persons, specifically persons that an unsuspecting user knows and trusts.”
Budget allocations toward digital transformation, which is a stated priority of this administration, would amount to nothing if not complemented by an equally strong cybersecurity stance that would ensure a safe and trusted cyberspace that would enable a digitally-powered economy, Belmonte said.
“As the country evolves into a digital nation, hackers are also becoming more sophisticated in their efforts to put one over internet users, gain access to their private information, profit from them, or even endanger them.”
Painful costs
The Medusa group’s ransomware attack on the Philippine Health Insurance Corporation shut down the agency’s online services. Medusa demanded a ransom of $300,000 or approximately P17 million. PhilHealth officials said they would not pay the ransom even as they admitted failing to renew their antivirus software licenses.
As of Wednesday, October 4, there were reports that the personal information of some PhilHealth members had been made available on the dark web.
Cybersecurity firm Sophos also reported that some 69% of organizations in the Philippines suffered a ransomware attack in 2021, higher than the 42% rate the previous year.
Meanwhile, Palo Alto Networks reported that ransomware and extortion cases in the Philippines increased by 57.4% in 2022 across key sectors. In these instances, threat actors used aggressive tactics to exert pressure on targeted organizations, and harassment was involved 20 times more often than in 2021, according to incident report cases of Unit 42™.
In 2021, PH organizations hit by ransomware paid an average of $1.6 million, double the payments made in 2020. This was also twice the global average of about $812,000 in 2021. A separate cost rectifying the impact of such attacks came up to $1.34 million – representing down time, people time, device cost, network cost, and lost opportunity.
“These numbers tell us that thinking that we could go about safely on the Internet would be naive and detrimental to us and our organizations,” said Belmonte.
A timely EO, but…
In July 2023, President Fernand Marcos Jr. issued Executive Order no. 32, “Streamlining the Permitting Process for the Construction of Telecommunications and Internet Infrastructure.”
The order stated the need to ensure the continuous development of digital infrastructure in the Philippines through the institutionalization of a set of “streamlined guidelines for the issuance of permits, licenses, and certificates for the construction of telecommunications and internet infrastructure.”
The order also establishes a zero-backlog policy for government agencies and local government units as it pertains to these applications.
“We have on several occasions lauded this initiative as good for the economy and for citizens,” said Belmonte. “Nonetheless, in the same way that we should make it easy for telco investments to be operational, we should also make it difficult for threat actors to carry out their sinister deeds.”
While cyberattacks operate online, they are able to swiftly and irrevocably spill over to our physical space, Belmonte added.
“Cyber-attacks are not confined to our devices and infrastructure. They are not battles with hacker-enemies that are fought like games in the online sphere. On the contrary, their consequences are all too real, and they could have a profound impact on our way of life.”