DICT allays public fears amid cyberattack on DOST
The Department of Information and Communications Technology (DICT) on Thursday, April 4, advised the public not to worry after a cyberattack compromised two terabytes (TB) of data from the Department of Science and Technology (DOST) server.
“There is certainly a reason for people to be concerned and for them to be aware of what is happening, but to the extent that they should worry, perhaps it’s not necessary to worry,” DICT Assistant Secretary Renato Paraiso said in an online press briefing. “We have a working DICT, and as for the scientists whose data was compromised, I think they also have their products and creations in mind, and these are registered anyway.”
He then emphasized that, in terms of the breached data, “I think that if there are any effects, they are manageable. The impact is not that huge.”
Paraiso said that the situation is now under control as they have implemented remedial measures.
“We have isolated the affected systems, quarantined the endpoints, and separated the Wi-fi. Our next steps involve retrieving access and conducting an investigation into the incident,” he said.
The DOST said it is treating the hacking incident with “utmost seriousness.”
“We recognize the concerns this incident may raise among our stakeholders and the public, and we want to assure you that we are treating this matter with utmost seriousness,” DOST Secretary Renato U. Solidum Jr. said in a statement.
2 million cyberattacks a day
“Let me put it into context. On a daily basis, we have around two million attacks happening in our country, both in private and public institutions like our government,” Paraiso said. “So, if there are things that manage to slip through, it’s like a shotgun approach. They also try to employ AI (artificial intelligence) in these attacks, which makes it easier now compared to before.”
However, despite millions of cyberattack attempts, Paraiso pointed out that the DICT is up for the challenge as mandated.
Philhealth hacking more severe
The DICT said the data compromised in the DOST incident is much larger compared to the data breached in the Philippine Health Insurance Corporation (Philhealth) in 2023.
However, Paraiso noted that the compromised data in the DOST is not as sensitive compared to Philhealth, which involves personal data of its members.
“These involve schematics inside, we estimate around two terabytes of data,” Paraiso said. “Here, mostly, the data are under the custody of DOST that involves proposals for inventions. Even their backups and redundancies were also compromised.” (With a report from Rhowen del Rosario)