By Cliff Venzon and Ditas Lopez
While recent tensions in the South China Sea have highlighted the Philippines’ maritime vulnerabilities, the more insidious risk of state-sponsored cyberattacks – and a lack of resources to handle them – may be the country’s bigger challenge.
In a November report, a Chinese group known as Stately Taurus was blamed for an attack that had compromised a Philippine government agency for five days earlier in 2023, coinciding with clashes between the two countries’ ships in the South China Sea. Stately Taurus’s operations “align with geopolitical topics of interest to the Chinese government,” according to Palo Alto Networks, the US cybersecurity firm that produced the report.
Philippine officials say it is difficult to pin any cyberattack on one specific country. Still, online security breaches in the Southeast Asian nation are widespread. Over 60,000 user accounts were compromised in the third quarter of last year, according to cybersecurity company Surfshark, putting the Philippines among the world’s 30 most-attacked countries. In September, state insurer Philippine Health Insurance Corp. suffered a huge data leak. Hackers defaced the website of the country’s House of Representatives just weeks later.
“Cyberattacks are a bigger threat than the firing of water cannons,” said Sherwin Ona, a cyberdefense consultant to the National Security Council and an associate professor at De La Salle University in Manila.
The government’s cyber response team has 35 members. The group is so understaffed that it is sometimes forced to work with anonymous “black hat” hackers, who may have previously attacked government websites but are willing to offer tips on looming threats, said Jeffrey Ian Dy, undersecretary at the Department of Information and Communications Technology.
“Do we even have the capability, with just 30 people looking at each and every weakness? We do not,” Dy said, adding that the team would ideally number about 200. “We do our best to defend the republic.”
Shortage of funds is the primary obstacle, he said. The Philippines lacks a competitive pay scale to recruit and retain cyber talent within government agencies, according to research backed by the United States Agency for International Development.
Government agencies are not the only ones taking increasing notice of the threat. Romeo Brawner Jr., the Philippine armed forces’ chief of staff, announced plans in October to recruit more “cyber warriors” to combat what he described as near-daily threats, including from unidentified foreign forces.
“Worldwide, cyber is really becoming a very important domain in warfare,” Brawner said at the time. “This new breed of warriors don’t necessarily have to be muscled; what we need are individuals who are intelligent and very skillful in [the] cyber domain.”
In recent months, governments around the world have warned of China’s potential digital threat.
In its latest Annual Threat Assessment, the US Office of the Director of National Intelligence said that “China probably currently represents the broadest, most active, and persistent cyber espionage threat to U.S. Government and private-sector networks.” In May, the UK’s spy agency warned of fresh threats from China’s nation-state hackers.
China’s Foreign Ministry said it opposed “baseless rumors and slanders” and that the country’s stance on cybersecurity was consistent and clear, in an emailed response to Bloomberg News’s request for comment. China usually says it is a victim of hacking when it is accused of carrying out cyberattacks. It also calls the US the world’s top hacker.
Ona said that the experience of Taiwan, which has been subject to massive cyberattacks from China, is particularly instructive for the Philippines.
“China is using Russia’s playbook and uses it against its adversaries,” he said.