Chief Information Security Officer Angel Redoble of ePLDT and the Development Academy of the Philippines’ Dr. Chester Cabalza identified the threats brought about by today’s technologies and cyber space during the DAP’s “Kartilya Session on Cyber Security” held last June 1 at the DAP Headquarters in Pasig City, saying that it can no longer be considered as second priority as it was before since cyber risks are real and can put the entire country at a complete risk.
Redoble said it was very difficult in the past to convince even high-ranking government officials about the threats that may be brought by cyber risks and challenges to the country, but they now realize the reality of such risks. He explained that cyber risks are non-quantifiable and non-predictable.
“You can only quantify cyber risk when you are already compromised,” Redoble said while also stressing that organizations will never be able to predict when they are going to be compromised. “Cyber risks on a national security perspective can put the entire country at a complete risk.”
Redoble cited four major threats in cyberspace: cyber war, cyber espionage, cyber terrorism, and cybercrime.
He said that a traditional weapon is built with restricted materials and is traceable. It also requires a special facility to develop such weapon. A cyber weapon however can be built with little or no restrictions, is difficult if not impossible to trace and there are unlimited talents and programmers who can create weaponized codes or exploits.
“Our country has been the playground of hackers coming from other countries,” Redoble said as he stressed that other countries probably see the Philippines as very vulnerable to cyber espionage.
He also affirmed that cyber terrorism used to be a theory a few years back but not anymore. It is because a few years ago, he said, the question was if a cyber terrorist was operating in cyberspace, or if anybody who launches an attack and produces a result could be considered a terrorist.
Redoble also added that terrorist groups have 24/7 help desks where their members and supporters can chat or call to learn how to become anonymous in cyberspace.
“In cybercrime, there are internal and external threats that could compromise organizations’ information and data which can tarnish their reputation and affect their revenue,” Redoble added.
He identified the true cost of cybercrime by stressing that in 2021, business revenues would have a total of $6 trillion in global financial loss, with $2 to $3 trillion expected to be incurred in 2018 alone. This explains why cyberattacks have been ranked sixth in 2017 among top global risks and ranked third in 2018.
Exploits, bots and malwares are known to be the enemies of cyber security, Redoble said.
“An exploit is any attack that takes advantage of vulnerabilities in applications, networks, operating systems or hardware and it aims to gain control of computers and steal network data,” he explained.
On the other hand, he said that botnets are entire networks of computers controlled and instructed to do a bunch of things such as attacking computers, sending spams and phishing emails. A computer user may get any of 677,000 different malwares which are programs or files that are harmful to a computer’s system.
Political, economic, socio-cultural, and military reasons serve as the major motivations for people’s developing these kinds of software, according to Redoble. This is linked to acts of physical violence, massive cyberattacks due to land dispute, and the creation of malicious activities that spur other security research companies to buy exploits.
Complexity and expertise are the challenges to the evolving threats that entail companies to constantly evolve to keep up in terms of people, process, and technology, Redoble said. Since cyber security is also not being taught in the country, he said local companies are not able to hire people who are really good in the field.
“Reengineering your cyber security approach requires intelligence,” said Redoble as he emphasized that the country needs visibility by not waiting for a cyber threat to arrive but instead finding it long before it occurs in our environment.
“In my 23 years in this industry, I can say with a very strong argument that the traditional security approach is not working,” Redoble said of the approach that is preventive and detective.
This approach employs initiatives expected to cover the pre-attack scenario, scenario during attack, and post-attack scenario caused by cyber risks and challenges.
Two more approaches
However, Redoble affirmed that this approach only addresses 50 percent of the story and that there is a need to implement two security approaches to complete the cycle – predictive and responsive.
Predictive is where intelligence and a lot of cyber threat intelligence initiatives come in while being responsive entails the readiness to respond since there is no absolute security.
Cabalza, on the other hand, identified three types of phishing emails. These are clone phishing, spear phishing, and whaling.
He further said that some of the country’s responses in the past when the Philippines had issues in cyber security included legislation that has not proven to be very effective.
Public Telecommunications Policy Act (R.A. 7925), for example, aimed to solve the problem of enforcements and implementations of laws. However, policy makers weren’t able to foresee the repercussions of cyber security. An Act Authorizing the Commission on Elections to Use an Automated Election System (R.A. 9369) also intended to lessen election fraud, but such irregularities are still occurring at present.
Access Devices Regulation Act (R.A. 8484), Cabalza said, is another law implemented to safeguard people’s automated teller machine cards, while the E-Commerce Act (R.A. 8792) includes hacking or cracking, piracy, and other violations. The Anti-Money Laundering Act (R.A. 9160), on the other hand, aims to protect and preserve the integrity and confidentiality of bank accounts. The policy also ensures that the Philippines shall not be used as a money laundering site for the proceeds of any unlawful activity.
Cabalza emphasized that cyber terrorism and cybercrime are still prevalent in the country despite having plenty of laws concerning cyber security.
He also affirmed that cyber war is considered as the country’s fifth domain. “While information and communications technology (ICT) is a vital element that links and educates people, it can also be employed as a weapon to infringe on personal privacy and disrupt critical cyber infrastructure.” Cabalza said.
“We need a synergy of efforts coming from different stakeholders, from the government, private sector, and of course from civil society,” he declared while underscoring that everyone should partake in this endeavor of dealing with cyber security. Cabalza affirmed that cyber security is a human-induced disaster so if people don’t act to prevent this, they cannot reduce its impact. – Jeannalla Burns