Hootsuite, a US-based social media
management platform, published a digital trends report early this year. The
report indicated that the Philippines now have 67 million internet users. All
of these users are active on social media.
Elsewhere, according to cybersecurity
firm ExpressVPN’s research on internet use in thePhilippines, a
typical Filipino spends 9 hours online per day. The report goes to state that
thanks to this prevalent use, the government has started initiatives aimed at
providing free internet to 99% of the country.
As a result of this widespread
internet use, cybercrime is also on the rise. The Philippine Cybercrime Report
2016-2017 indicated that the various relevant investigative divisions received
a total of 3,951 complaints of cybercrime between January to December 2016.
That was 53.92% higher than the
number of complaints received the previous year. If there is any chance of
successfully combating cybercrime in the country, it is essential to understand
the tech threats facing Filipinos in 2019.
1. Facebook Hacking
Just recently, in September of this
year, a Facebook data breach compromised the personal information
of 755,000 Facebook users in the Philippines.
The data breach compromised the
users’ basic profile such as name, email address and phone number. It also
compromised other sensitive data such as location, list of friends, groups and
recent search queries.
Even though Facebook claimed to have
fixed the breach within three days on September 28, it does not change the fact
that thanks to this breach; these 755,000 Filipinos are now future targets of
attacks.
With such a breach, the hackers can
use the information to design a phishing or spam attack that is next to
impossible to detect. Consider this scenario. User A is a fashion enthusiast,
and she follows some reputable fashion brands.
User A’s most recent queries revolved
around fashion, and some of her friends are fashion icons. With such data now
in the hacker’s hands, all they have to do is design a believable advertisement
that is seemingly from one of the brands User A follows.
Since they have her email address,
they can send advertisement via email and chances are high User A will click on
any links embedded in the email. That done, the hackers now have access to
everything they need—from banking information to sensitive passwords and
usernames.
So real is such a scenario that
Privacy Commissioner Raymond Liboro said that Facebook ought to take into
account the culture gap when it comes to risk analysis and react accordingly.
In essence, he was saying that
compared to developed countries, those affected in the Philippines did not
fully realize the risk and exposure. Every Filipino should keep this in mind as
2019 approaches.
2. Ignorance of
Cybersecurity Best Practices
Globally, cybercrime is on the rise.
Cybercriminals are using the advancing technology to their advantage to device
even more sophisticated modes of attack. To stay ahead of the cybercriminals,
one has to practice cybersecurity best practices religiously.
Unfortunately, most people are
ignorant of these practices and only try to educate themselves once an attack
has already happened. A good example is the ABS-CBN online storehack that affected
208 customers.
The hackers uploaded the malicious
code on August 16th, and it kept running until the store takedown in
October. Information stolen included customer’s name, credit card number,
credit card expiration date and card verification number.
The saddest thing is that the store
could have avoided this hack by using multi-factor authentication. The hackers
kept guessing the Admin’s password until they got it right. They then used the
access to upload the malware.
With multi-factor authentication,
even after guessing the right password, they would have encountered another
layer of protection such as verification via phone number. In addition to
multi-factor authentication, here are some more best practices every Filipino
should keep in mind.
- Use of a good firewall
- Always document your cybersecurity practices for future reference and to enable you to discard one that isn’t working anymore.
- Constant reeducation on emerging threats.
- Consider mobile phones as a source of threats and plan for them
- Enforce safe password practices such as employees changing their passwords often.
- Always backup your data.
3. There Aren’t Enough
White Hat Hackers and Yet Too Many Black Hat Hackers
In a recent hacking conference known
as Rootcon, Raymund Liboro, the Privacy Commissioner urged all white hat
hackers to rise and help improve cybersecurity in the Philippines. In essence,
he was asking for help in combating the rise of black hat hackers.
A few months ago, in April, a
Filipino black hacking group known as Pinoy LulzSec hacked numerous websites
including government sites such as the official website of the Municipality of
Sta. Cruz.
The hacking of these sites is an
annual event, and the group has promised to extend the event to April 3rd
come next year. That means more websites will be hacked and the information
exposed to everyone.
The need for white hat hackers is
particularly urgent due to the launch of the PhilSys next month. PhilSys is a
Philippine Identification System that will centralize all the personal
information of Filipino residents.
Data from this system is sensitive
and needs to be secure. As Liboro noted in the same conference, white hackers
can play a significant role in helping secure the information from this system.
The Philippine government’s intention
to work with white hackers is so serious that Liboro announced an upcoming
“hackBAYAN” project. The project aims to work with white hackers to help the
PhilSys managers identify weaknesses in the system, and develop strategies to
deal with the flaws.
Final Word
With such weighty security threats, the need for
cybersecurity experts in the Philippines is on the rise. The demand for white
hackers and top cyber security firms is a burning need. Keeping this in mind is
essential.
Writer’s bio:
Jack
is an accomplished cybersecurity expert with years of experience under his belt
at TechWarn, a trusted digital agency to world-class cybersecurity companies. A
passionate digital safety advocate himself, Jack frequently contributes to tech
blogs and digital media sharing expert insights on topics such as
whistleblowing and cybersecurity tools.
The Philippines VPN that I use is Ivacy. It's cheaper and more efficient that any of the providers in the market.
ReplyDelete