The Philippines’ cybersecurity issue: More than 5 billion cyber attacks daily, report says

The Philippines saw a sharp increase in cyber attacks in the first quarter of 2024, with the number of attacks reaching a staggering five billion per day . This is a significant 28 percent increase from the previous quarter’s 3.9 billion.

In this blog, we will explore some of the most popular types of cyber attacks in the Philippines in 2024, recent high-profile cases and the necessary measures that the government and organizations must adopt to ensure they remain resilient against evolving cyber threats.

Cybersecurity threat #1: DDoS attacks

Cybercrime in the Philippines takes various forms, employing different methods depending on the objectives, whether obtaining bank information, personal data or other sensitive information.

Among them are Distributed Denial-of-Service (DDoS) attacks, which aim to disrupt online services by overloading their traffic.

An infamous group known as Exodus Security has been responsible for carrying out DDoS attacks on Philippine government websites. The group has been involved in leaking stolen data from its targets in the Philippines, as well as other countries such as the United Kingdom, France, Indonesia, and India.

Recently, there have been cyber attacks in the Philippines by a local group called DeathNote Hackers. They are said to have leaked data from the Bureau of Customs, with the stolen data amounting to 4.5 gigabytes and containing personal information of over 2,200 employees and approximately 80,000 customers.

Cybersecurity threat #2: Malware attacks

Malware presents a high-risk cyber attack threat. Malware, short for malicious software, is any app or software designed to disrupt device or computing operations, steal sensitive data or gain access to system resources. It can take different forms, including computer viruses, ransomware, spyware, Trojan horses and worms.

In February, hackers used malware to access and control the Philippine Coast Guard’s (PCG) Facebook page, posting two malicious videos. This was the third time the PCG has been targeted by hackers this year. In mid-February, the PCG’s X (formerly Twitter) account was hijacked for several hours. The month before, the PCG’s website was one of several Philippine government sites attacked by hackers with IP addresses in China.

The Philippine National Police (PNP) also recently experienced several system breaches. The hackers gained access to the PNP’s Logistics Data Information Management System, which is the official repository for data on police equipment and physical assets. They also breached the online permits application platform of the PNP-Firearms and Explosives Office. The PNP is working with the Department of Information and Communications Technology (DICT) to investigate potential malware activity and malicious accounts created for the cyberattacks.

Then again in July, the DICT itself was compromised by a threat actor known as ph1ns. This hacker group, notorious for reigning havoc and causing disruption across various government systems in the Philippines, infiltrated the DICT’s Disaster Risk Reduction Management Division and disclosed screenshots and detailed system descriptions on a dark web forum.

A message posted on the DICT-DRRMD website revealed ph1ns’s motivations from a hacktivist position, stating, “This attack is not merely to ridicule DICT’s reputation but also to fortify the nation’s cyber defense by embarrassing them.”

5 measures for mitigating cyber risk

The Philippines will continue to be a target for cyber attacks. To mitigate against these ongoing threats, local government agencies and organizations must adopt a proactive and layered defence strategy.

Here are some of the best measures they should consider:

• Regular security audits and assessments

  • Conduct regular security audits and assessments.
  • Perform internal and external evaluations.
  • Update vulnerability assessment and penetration testing (VAPT) regularly.

• Advanced threat detection and response using latest technologies

  • Invest in AI-driven analytics, machine learning and behavioral analysis tools.
  • Implement Security Information and Event Management (SIEM) systems.

• Robust incident response and mitigation plans

  • Develop and maintain clear procedures for detecting, responding to, and recovering from cyber incidents.
  • Regularly test and update these plans through simulations and drills.

• Comprehensive training and awareness programs

  • Provide ongoing cybersecurity training and awareness programs for all employees.
  • Educate staff on recognizing phishing attempts, social engineering tactics and other common attack vectors.

• Legislative and regulatory compliance

  • Ensure compliance with relevant cybersecurity regulations and standards, and not simply performing Checkbox Security.
  • Stay abreast of legal requirements and industry standards.

Cybersecurity solutions for a safer tomorrow

With cyber threat incidents on the rise, C8 Secure is committed to working closely with corporations and governmental agencies to provide practical, adaptable, preventable and problem-solving security solutions.

Learn how our expertise can help your organization stay ahead of cyber threats – contact us today!

Let’s Get Started