cyberattacks

Highest gov’t body for cybersecurity confirms AFP link to cyberattacks – targeted sites

Rappler
Highest gov’t body for cybersecurity confirms AFP link to cyberattacks – targeted sites
Bulalat and Altermidya, two media sites that were the targets of the attacks, publish the contents of the confidential CERT-PH report

The Computer Emergency Response Team – Philippines (CERT-PH), a unit under the Department of Information and Communications Technology, confirmed a finding that an IP (Internet Protocol) address linked to cyberattacks against alternative media outlets and one human rights group is assigned to the Philippine army.

Targeted media sites Altermidya and Bulatlat reported the confirmation in a joint statement on Thursday, September 23.

The statement is also published on Facebook:

The non-profit Qurium Media Foundation originally reported about the findings in June 2021, looking at “brief but frequent denial of service attacks” against Bulatlat and Altermidya, and the human rights group Karapatan.

Qurium found a link between the attacks, the Department of Science and Technology, and the Armed Forces of the Philippines.

Qurium said the DOST responded to the finding, saying “they (DOST) just [assisted] other government agencies by allowing the use of some of its IP addresses in the local networks of other government agencies” and that they were not involved in the attacks.

Qurium also said that DOST did not reveal the government agencies leasing the IP address linked to the attacks.

Qurium and the targeted sites reported the attacks to CERT-PH, the highest government body for cybersecurity related activities.

CERT-PH later made the confirmation – through a confidential report dated August 11 according to the targeted sites – that the IP address Qurium found in the attack log was assigned to the AFP.

The CERT-PH report is only being made public now by the Altermidya and Bulatlat, which deemed it necessary to publish the content of the report. They said, “there is no reason to keep it confidential especially if state agents used public funds and resources to infringe upon our right to publish and the people’s right to information.”

Must Read

‘Billions of requests, thousands of dollars’: Inside a massive cyberattack on a PH human rights group

‘Billions of requests, thousands of dollars’: Inside a massive cyberattack on a PH human rights group

According to the sites, the report was marked “TLP: AMBER.”

TLP: AMBER is a designation in the information sensitivity classification system called “Traffic Light Protocol.” An amber classification implies that information should be restricted to the parties involved, according to the sites.

Altermidya and Bulatlat have released a joint statement thanking CERT-PH, condemning the Philippine Army for the cyberattack, and expressing disappointment at the DOST “for covering up for the Philippine Army.” – Rappler.com