“The government is working to keep the Internet safe to people and business.” This is according to Department of Information and Communications Technology (DICT) secretary Rodolfo A. Salalima, in response to the growing incidence of cyber attacks in the Philippines.
From left: Allan Cabanlong, Assistant Secretary for CyberSecurity and Enabling Technologies, DICT; Rodolfo Salalima, DICT Secretary; Stephen Neumeier, Managing Director, Kaspersky Lab APAC; and Vitaly Kamluk, Research Team Director, Kaspersky Lab APAC.
Salalima claims the government is playing its role of saving the Philippines from the adverse impact of cyber attacks. “We are trying to improve further our security defenses,” said Salalima, adding that “we simply cannot prevent cyber attacks as these were unilaterally launched by cyber criminals. We anticipate these possible attacks with the view of mitigating their adverse effects on people, business and government.”
For security, Salalima stressed the importance not only of the government but also of the people and the private sector in fighting cybercrime, especially now that there is still lack of security awareness among them. “Anticipation is not only the responsibility of the DICT but also of the people,” he said.
Allan Cabanlong, assistant secretary for CyberSecurity and Enabling Technologies at DICT, supports the collaboration of the government and private sector to work together in preventing the rising number of cyber attacks and build a safe and resilient Philippines. “Cybersecurity is a whole of nation approach. We must work together to attain a cyber resilient Philippines,” he said.
Cabanlong noted that their goal at the DICT is to minimize the damage attributed to cyber attacks. “We are ready. We’re able to identify the perpetrators and we have the National CyberSecurity Plan (NCSP) 2022 to ensure cyber protection,” he said.
The NCSP 2022 is a government initiative to beef up the country’s cyber security capabilities. To jumpstart its implementation, the DICT will release three Memorandum Circulars that will provide cyber security guidelines for government networks, critical infrastructure, and individuals.
Vitaly Kamluk, research team director at Kaspersky Lab APAC, revealed that the Philippines ranked 8th among top 10 countries in terms of percentage of users affected by mobile malware with 34.97%, or over three in 10 Filipino Internet users with smartphones have been infected with cyber threat. Kamluk noted that in the first three months of 2017, there were 12-million incidents of cyber attacks in the Philippines, of which three-million are attacks from banks.
In terms of mobile threats, there were 1.3-million affected mobile apps while 218,625 were mobile ramsonware. In the last 12 months, four advanced persistent threats (APTs) affecting local enterprises were detected. These include Diplomatic Duck, Naikon Kaba 1, Tropic Trooper, and Spring Dragon. An APT is a type of attack which involves organized and sophisticated hacking into the networks of the target company or individual.
The proliferation of mobile threats is attributed to the popularity of Android phones in the Philippines, according to Kamluk.
In spite of the rising online attacks, Kamluk believes the country’s current state of cyber security management looks bright, saying the Philippines is on the right track in using best practices concerning cyber security. He also stressed that promoting cyber security to young people and understanding security issues are best defenses to counter cyber attacks.
To fight cyber criminals, Stephan Neumeier, managing director at Kaspersky Lab APAC, believes in the importance of awareness or educating people about cyber threats as one of best practices in mitigating threats, as well as promote the implementation of security policies among enterprises.
“With cyber threats aimed at businesses of all sizes anywhere, there’s now an even more resounding call for enterprises to have security policies that go beyond software to also include educating its people to strengthen their practical skills, so they can effectively contribute to the security of the organization,” Neumeier ended.
