The Market Monitor Minding the Nation's Business
By Lito U. Gagni
The Philippine Stock Exchange (PSE) tripping, with trade executions worth billions benefitting hackers and their sponsors, ATM (automated teller machines) illegally coughing out money at designated points in the country, and unfunded checks involving millions being cleared by no less than the Bangko Sentral ng Pilipinas (BSP).
These are just three of many catastrophic events that could play out in the Philippines’s financial infrastructure because of the failure of the country’s companies and agencies and the government itself to modernize the Philippines’s cybersecurity protection measures.
The hacking of the database of the Commission on Elections (Comelec) was the latest manifestation of the vulnerability of the country’s institutions to cybercriminals.
That hacking, led by a fresh information-technology (IT) graduate and his cohorts, defaced the website of Comelec and exposed sensitive information about the country’s 54.3 million registered voters that could be used by criminals in pursuing spurious transactions in the country’s virtually unprotected banking institutions.
To its credit, the BSP was able to thwart an attempt to hack its website because of its “robust” security features, according to BSP Governor Amando M. Tetangco Jr. The central bank chief, who is also chairman of the Anti-Money Laundering Council (AMLC) (not Deputy Gov. Nestor Espenilla Jr., as erroneously reported earlier), urged all entities under BSP supervision to also make sure they have ample security measures. Reports are that banks in the Philippine are already modernizing their security systems against hacking and are investing huge amounts into such efforts.
Of the foiled hacking of the BSP website, Tetangco said BSP officials “continue to update the firewalls and the security features as we move along. It is a continuing effort,” he told reporters.
Still, experts say there is no assurance that measures already taken to prevent hacking are “ironclad” and “foolproof,” as cybercriminals are notorious for their ability to penetrate seemingly formidable defenses.
In an interview, listed US firm FireEye, a cybersecurity organization that Bangladesh Bank tapped to look into the hacking of its systems leading to the $81-million cyber theft of its New York deposits, said the vulnerability of Philippines firms to cyber crimes stems primarily from their continued reliance on outmoded cybersecurity platforms.
“Many organizations in the Philippines today build defensive walls with old technology like antivirus and firewalls, but these are useless against modern cyber security threats,” FireEye Country Manager for Philippines Tom Acero has told me. “ Today’s breaches almost always happen when the attackers trick people on the inside who are unknowingly helping them, such as through spearphishing emails. We all need to realize today’s cybersecurity problem is an adversary problem, not a malware problem.”
“Malware is often invisible to most end-users,” Acero said. “For example, it could come in the form of a CV (curriculum vitae) sent to the HR (human resources) department of an organization. Or a link sent in a fake memo. Malware can look legitimate but it brings very serious risks to businesses and governments.”
But he declined to say whether the printing error that characterized the cyberheist against Bangladesh Bank, that impoverished country’s central bank, resulted from a malware that infected the bank’s computer system. The company had similarly declined to answer questions about what it is doing about the cybersecurity problem that hit the Bangladesh central bank.
FireEye earlier said the Philippines is twice as likely to be hit by hackers than the global average because of the country’s outmoded cybersecurity measures. The name of the game, insofar as hacking is concerned, has already dramatically changed, with malware that could be easily inserted into a company’s computer systems without being detected and practically sleep there until its manipulators awaken it at the “opportune time.”
In the case of the breach at Bangladesh Bank, it was learned that the bank accounts where the stolen $81 million found its way were opened a year before the cyberheist was carried out.
Acero said many large networks in the Philippines are “largely compromised or could be compromised easily.”
FireEye officials said that one way of combatting the new cybersecurity threats is to encrypt the database so that even if the cybersecurity platform were breached, the company’s network would still be a step ahead and can then rewrite its cybersecurity to contain the threat.