Philippines thwarts cyber attacks on Marcos, government agencies

MANILA, Feb 6, 2024 (AFP) – The Philippines has thwarted thousands of “sophisticated” cyberattacks targeting the websites of President Ferdinand Marcos, the Philippine Coast Guard and other government agencies, an official said Tuesday.

Hackers began the attacks last year and an investigation was underway to determine if the perpetrators were based in China, undersecretary Jeffrey Ian Dy of the Department of Information and Communications Technology (DICT) told a congressional hearing.

Dy said the attackers used multiple internet protocol addresses from cnc.net “located within China”, but the Philippines needed China’s help to determine if they were the “real perpetrators”.

DICT spokesman Renato Paraiso said previously they were not accusing anyone in the Chinese government of involvement.

Two servers hosting various websites of the Overseas Workers Welfare Administration were hit with “brute force attacks” between December and February, Dy said.

Attackers were seeking to obtain login information, credentials and encryption keys, he added.

The attackers sought last year to embed malware in Marcos’ personal website as well as the website of the Philippine Coast Guard, Department of Justice and the DICT, which used a Google cloud service, Dy said.

“The type of attack used is very sophisticated,” a malware embedded in the random access memory of computers which cannot be detected by anti-virus software, he said.

“We were able to defend it and we were able to already remove the traces of this malware,” Dy said.

“We also blocked the command and control structure so that they can no longer harm us.”

The Chinese embassy in Manila said Beijing was not involved in the attacks, insisting it “opposes and cracks down on all forms of cyber attack and other illegal activities on Chinese soil or using Chinese infrastructure.”

When asked about the attack, China’s foreign ministry on Monday called cybersecurity a “global challenge”.

“China always strictly cracks down on cyber attacks in all forms in accordance with the law and stands for dialogue and cooperation among all countries to jointly safeguard cybersecurity,” spokesperson Wang Wenbin told a press conference.