Compromised data
The Department of Education is verifying reports that its information system has been breached, with a hacker claiming to have harvested 750 gigabytes so far of DepEd data including banking details and information on students and teachers. Meanwhile, the Philippine Coast Guard took down yesterday its account on X, formerly Twitter, after its tweets were wiped out. The PCG said the entity behind the “compromise” of the account appeared linked to cryptocurrency trading. The PCG’s account on X was restored before noon yesterday.
A collective of cybersecurity practitioners reported monitoring a post in the dark web by a “threat actor” claiming it had collected data from one of the DepEd offices, for possible “curated” dissemination. The claim is being verified by the Department of Information and Communications Technology as well as the Cybercrime Investigation and Coordinating Center. The DICT and CICC are also busy tracking down the source of bomb threats received through email and text messages in the past days by several schools and government agencies.
With the Marcos administration pushing a shift to e-governance, a parallel push is needed to heighten cybersecurity. But top DICT officials have said finding experts to counter threats in cyberspace is difficult, with the government unable to compete with salaries offered in the private sector and overseas. The DICT should be providing assistance to other government agencies in confronting digital threats, but the department itself lacks personnel to handle cybersecurity matters.
The public has enough problems dealing with commercial and financial scams online. Digital fraud is now facilitated by artificial intelligence and deepfakes, and the technology open for use in criminal activities is rapidly evolving.
So much personal information is collected from the public by government agencies and stored in digital format. It must be made clear to such agencies that their task is not just to collect but also to protect data. The agencies, however, need help in this task, in terms of funding, equipment and trained manpower. In the shift to e-governance, significant investments are needed to safeguard the government’s information systems.