FIRST SAY:
“Indeed, religion allows people to imagine that their concerns are moral when they are highly immoral — that is, when pressing these concerns inflicts unnecessary and appalling suffering on innocent human beings. This explains why Christians like yourself expend more "moral" energy opposing abortion than fighting genocide. It explains why you are more concerned about human embryos than about the lifesaving promise of stem-cell research. And it explains why you can preach against condom use in sub-Saharan Africa while millions die from AIDS there each year.”
― Sam Harris, Letter to a Christian Nation
◆ ◆ ◆
There have been news stories about website hacking of select government agencies, the newest incident being that of MARINA (Maritime Industry Authority). We also know for a fact that banks, private corporations and businesses, and even government offices with national security implications like the Philippine National Police and the Armed Forces of the Philippines had also been victimized by hackers.
In all these, the Department of Information and Communication Technology (DICT) seems unable to identify much less catch the culprits, when the very tools that they need to do so (computers and the internet) are the same tools used by the syndicates, and could easily lead to them.
Some people are even asking why the illegal hackers are smarter and better than our government computer experts tasked to give us cyberspace security.
To this, we do not know the answer. We can only surmise that the technology and knowledge of how to utilize it may be better grasped by the illegals, in which case we must win over and employ the counterfeiters to our side. Remember the case of Frank Bourassa, the world’s greatest counterfeiter. He became the most prolific counterfeiter in US history, producing $250 M in forged American bank notes in an illicit print shop he set up on a farm.
In the local case, NBI Cybercrime Division chief Jeremy Lontoc said in a press conference in their Quezon City office on Friday that he is worried.
This was because barely a week into his new position as NBI chief, Director Jaime Santiago has already notched a commendable accomplishment— the arrest of three suspected computer hackers victimizing banks, government agencies, Facebook accounts, and private corporations.
One of the suspects is a data officer of the Manila Bulletin, the NBI said.
The NBI officials presented the suspects to reporters yesterday, announcing the results of their operations.
“Yung isa dito ay data officer ng Manila Bulletin. As a matter of fact, ang ina-allege niya base sa kanyang extrajudicial confession, ang may hawak sa kanya, at nag-uutos sa kanya mag-exploit ng mga system ay editor ng Manila Bulletin (One of them is a data officer of the Manila Bulletin. In fact, he alleges, based on his extrajudicial confession, that the one handling him, and ordering him to exploit systems is an editor of the Manila Bulletin),” NBI Cybercrime Division chief Jeremy Lontoc said.
Lontoc noted that their most worrisome discovery is the data from one of the devices of aka "Illusion", "which contains thousands of bank credentials that include usernames, passwords, and even OTPs (one-time passwords)."
These banks, he said, include the Philippine National Bank, Banco de Oro, Union Bank, and Security Bank.
“Magve verify kami tatanungin namin itong mga bangko na ito kung nag eexist itong mga data kasi ito yung gagamitin ng mga scammer natin sa kanilang (we will verify and ask these banks if these data exists, because this will be used by the scammers in their ) exploit,” Lontoc said.
If Lontoc is worried, the more depositors and other people doing business with these banks will be having sleepless nights.
Knives are falling in the stock market as it is, and this kind of news might trigger more and bigger knives to fall.
◆ ◆ ◆
The suspected scammers and hackers, whose faces were covered, were identified through aliases ‘kangkong’, ‘Mirasol’, ‘Sibat’, ‘Ricardo Redoble’, and ‘lulu’, and were involved in multiple unauthorized access attempts and breaches of private and government websites since 2016.
All suspects are members of two big hacking groups, Philippine Lulzec and Globalsec.
Lontoc said they tracked the hackers' movements and monitored online activities to establish patterns and connections linked to their activities.
“Yung isang hacker isa siyang cyber security researcher ng isang malaking company sa (One of the hackers is a cyber security researcher of a big company in) BGC (Bonifacio Global City), ayaw kong pangalanan kasi under investigation po yun, dun siya employed, yung isa naman graduating student siya, dating siyang miyembro din ng (I don't want to name him because it's under investigation, he is employed there. The other suspect is a graduating students, he was also a former member of) Pinoy Lulzsec,” Lontoc said.
The NBI, in its press release, said that on June 14, initial contact with the subjects was made through the informant, where they agreed to meet.
The suspects were arrested on June 19 in a hotel in Manila and underwent inquest proceedings on June 20.
They were recommended to be charged with Illegal Access under Section 4(a)(1) and Misuse of Device under Section 5(iii) of RA 10175 or the Cybercrime Prevention Act of 2012, as well as Unauthorized Access or Intentional Breach under Section 29 of RA 10173 otherwise known as the Data Privacy Act of 2012.
The third subject with an alias 'Allan 10k' will be charged through direct filing.
NBI director Jaime Santiago said that this is only the start of his promise made when he took over the agency.
“Start pa lamang ito we have several operations lined up sunod sunod na ito kaya yung mga scammers, cybercrime hackers maghanda na kayo ito na kami (This is only the start we have several operations lined up and there are more to come, so those scammers and cybercrime hackers, be prepared, we’re coming to you),” he said.
The Department of Information and Communication Technology (DICT), meanwhile, commended the NBI for its arrest of the hacking suspects.
“DICT is part of the National Cybersecurity Interagency Committee (NCIAC) and its working groups that share intelligence and technical information regarding these cases and assist our law enforcement agencies in their efforts to identify, locate, and apprehend suspected cybercriminals,” it said.
In the same press briefing, the arrested data personnel of Manila Bulletin alleged that he was acting under the orders of the paper's tech editor and ICT head Art Samaniego.
The NBI said the allegations against Samaniego are under investigation.
In a statement, my good friend Art Samaniego denied the allegations and said he did not stand to gain anything from the hacking incidents, specifically the hacking of the Armed Forces of the Philippines’ website. Since I know Art Samaniego personally, and I worked with him in the Bulletin for more than a decade, I can vouch that he is a good and honest man. He has made a good name in the field of computing and cybersecurity, even helping the government by pointing out the weaknesses of their websites and systems. He is also often invited by TV and radio networks as a resource person on online issues.
The Manila Bulletin, where I worked for 26 years as deskman, Malacañang reporter, Metro and News Editor, said it has always "adhered to the laws of the land and requires its employees to be law-abiding."
"We expect our employees to be accorded their rights. We assure the public of Manila Bulletin's utmost fidelity to the laws of the land," it added.