The National Bureau of Investigation (NBI) continues to dig deeper into the reported hacking of several government and private business websites by a group of IT experts headed by a Manila Bulletin data officer who goes by the alias "Kangkong."
Also, part of the web hackers are IT students and employees of a company based in the Bonifacio Global City.
This group is suspected of being behind the recent hacking of the websites of the Maritime Industry Authority, the Armed Forces of the Philippines, Philhealth, the National Security Council, and the political group 1 Sambayanan. A member of the group was also caught in possession of vital information of bank depositors in at least four major banks, including usernames, passwords, one-time passwords, and other bank credentials.
Interestingly, suspect Kangkong divulged in an extrajudicial confession that his hacking activities were done in compliance to the orders of his boss, Art Samaniego, the Information Technology section editor of the broadsheet newspaper.
The editor's purpose, according to the suspect, is to write the scoop that a certain government agency's website had been hacked, and shore up his credentials as an IT expert. Of course, Samaniego denied the allegation, but the NBI still issued a subpoena asking him to appear before the investigative body and explain his side.
NBI Cybercrime division chief Jeremy Lontoc did not directly accuse the editor of complicity to the highly organized hacking project that ran for several years. However, Lontoc noted that every time Kangkong succeeds in hacking an important website, it was Samaniego who was the first one to write about it in his column.
This lends credence to Kangkong's claims, the NBI official said.
Before they do any more damage, the suspects are now facing charges of Illegal Access under Section 4(a)(1) and Misuse of Device under Section 5(iii) of RA 10175 or the Cybercrime Prevention Act of 2012, as well as Unauthorized Access or Intentional Breach under Section 29 of RA 10173 otherwise known as the Data Privacy Act of 2012.
This development has alarmed bank depositors because the probers said they recovered vital bank credentials, passwords, usernames and one-time passwords from the gadgets of one of the suspects. The websites of at least four big banks are involved, and the potential damage to the banks, depositors and long-term investors could be serious.
The Philippine consumer and financial markets have transformed a lot since the Covid-19 pandemic of 2020 hastened the use of online transactions in households and businesses.
There is now a growing dependence on online transactions by many Filipinos, and with this, the pivot to a variety of cashless transactions such as bank fund transfers, online wallets, and payment applications.
Unfortunately for every change in economic behavior comes the windows of opportunity for unscrupulous and greedy individuals to ride the tide of change in a manner most favorable to them, even if detrimental to the rest of society.
Various scams, dirty tricks and white-collar crimes have been invented to lure unsuspecting online customers wanting to buy basic necessities and even non-essential goods and services from vendors.
It is for this reason that the government is hurriedly employing various programs and activities to fight the scammers.