China-based hackers target gov’t servers
MANILA --- The Department of Information and Communications Technology’s investigation into recent cyberattacks targeting multiple government servers has traced the hacking attempts to IP addresses based in China.
Unidentified hackers had tried to breach servers used by overseas Filipino workers and the Google Workspace that hosts the Philippine government’s email and storage for nonconfidential information, DICT Undersecretary Jeffrey Ian Dy said during a House hearing on Tuesday.
Here is what we know so far about the most recent hacking attempts of government servers:
OWWA records 17,000 hacking attempts
The DICT first bared in a news forum on February 3 that it had blocked cyberattacks targeting the Overseas Workers Welfare Administration’s (OWWA) web applications.
Dy clarified during the news forum that the hackers who targeted OWWA — which it traced back to a state-owned telecommunications operator in China — were different from the threat actors that attempted to compromise the government’s Google Workspace domains.
During the Tuesday hearing of the House committees on information and communications and public information, Dy shared the findings of the DICT’s joint investigation with the Cybercrime Investigation and Coordinating Center (CICC) on recent hacking attempts into government systems.
Dy said that the OWWA was targeted multiple times from December to at least February 4 and it had recorded at least 17,000 hacking attempts from January alone coming from multiple Chinese IP addresses, Dy added.