DICT, Asia-Pacific team probe cyberattacks on gov’t websites
The Department of Information and Communications Technology is coordinating with the Asia-Pacific Computer Emergency Response Team in an effort to investigate the cyber attack attempts on government websites and domains originating from China, according to a ranking DICT official.
ICT Undersecretary for cybersecurity, connectivity and upskilling Jeffrey Ian Dy said agency officials are keen on tracing the perpetrators of the cyber attacks as he reiterated that the attacks have all been foiled by the concerned agencies.
“There is what we call the Asia-Pacific Computer Emergency Response Team. This is the computer emergency response team of all countries in the region, which also counts our own national computer emergency response team,” Dy said at a virtual interview over Super Radyo dzBB.
“Of course, we need to coordinate with the team, so that the law enforcement agencies in those countries can trace who the hackers are,” he added.
The DICT official also clarified that while the attacks have been traced to China, they are not pinning them as sponsored by the Chinese government.
“We’re not attributing (the attacks) to the government of China. We’re just saying that they are Chinese hackers ... which is to say that ... their IP (internet protocol) address is in China, to be specific, within the network of China Unicom. There are three big network telecommunication companies in China, and China Unicom is one of them,” he said.
“What we have detected is in China, because China Unicom is a telecommunications company in China. It’s just a telecommunications company operating in China that is state-owned, it just so happened that the hackers are in its network,” he added.
Dy maintained that the DICT does not have any information that this was perpetrated by state actors.
“When it comes to the world of cyberspace, especially if we’re talking about international cyber attack incidents, usually, what we only attribute is where they come from and what the technique used is called,” he said, as he assured the security of government websites and domains.
“We’re very safe. In general, of course, we’re safe,” he added.
Concerns allayed
In a related development, the executive director of the Cybercrime Investigation and Coordinating Center has allayed concerns on reported cyber attacks on government websites or domains originating from China as Chinese government-sponsored attacks.
At a press briefing with Department of Migrant Workers officer-in-charge Hans Cacdac yesterday on the occasion of their signing of a memorandum of agreement for a collaboration on cybercrime prevention and prosecution of cyber fraudsters that victimize overseas Filipino workers, ICT Undersecretary Alexander Ramos pointed out that the responsibility or the origination of cybe attacks is not identified just by the IP address country location.
Ramos, who said he had been stationed in China for a lengthy period while in the military and police force as civilian intelligence and investigation operative, said that the only telecoms provider in China are state-owned telecom companies.
“The only thing you can do for accessing is use their own state-owned telecom facilities there,” he added.
The DICT official cautioned that the country location of domains or IP addresses of hackers should not be the basis for attributing responsibility of cyber attackers.
“That is not what we are targeting. If we are going to search, we have another way of figuring out the originating sender of the message,” he said.