The Philippine Star reports that a large number of government and corporate websites were hacked and vandalized by a group calling itself the “Indonesian Defacer Team,” which replaced the normal web pages with messages praising itself.
“Some of the defaced websites are those of Barangays Sto. Niño and Malaya of Pinamalayan, Oriental Mindoro, towns of Tabuk and Tanudan in Kalinga, Angat in Bulacan, the provincial government of Quezon, two microsites of weather bureau PAGASA, and the Protected Areas and Wildlife Bureau,” the Philippine Star reports.
“Websites of private schools such as ACLC College Taguig, Bulacan Ecumenical School, University of Perpetual Help System DALTA, and Central Philippine University have been hacked,” the report continues. “Local private companies including The Healthy Life, Truckworld, Xellex Corporation, TravelBox, and Lowtemp Corp. were also affected.”
Although it has perpetrated similar attacks in the past, the Philippines chapter of the Anonymous hacker collective said it was not responsible for these hacks. Anonymous Philippines irritably asked visitors to its Facebook page to “please stop messaging us regarding the defacements currently circulating online.”
The Filipino Times notes that the Indonesian Defacer Team did not indicate the motive for its attack. Notably, the group uses a picture of a masked militant brandishing an assault rifle in its logo.
Some of the affected websites have been restored, while at least one targeted website, Bangko Sentral ng Philipinas (the central bank of the Philippines) was able to repel the hackers.
The Filipino Times advised readers to “be extra careful in opening government websites” until they have been fully restored and cleansed of potential malware infestations.
Coincidentally, the website Rappler ran an article earlier this week about the alarming state of cybersecurity in the Phillipines, whose government “seems to be a favorite target of hacking.”
Hacking websites is a popular way of getting the Filipino government’s attention, in Rappler’s estimation, with waves of website attacks protesting everything from poor ballot security to the passage of a cybercrime bill.
Usually these are acts of electronic vandalism, similar to what the Indonesian Defacer Team has done, but in at least one case there was a substantial breach of sensitive data, including voter registration information, prompting fears of “massive identity theft.”
Among other dismal metrics, Rappler reports the Kaspersky security company rated the Philippines 33rd out of 233 countries for cybersecurity threats in the third quarter of 2015, jumping ten spots in a single quarter. Symantec’s latest Internet Security Threat Report put the Philippines at number 20 in the world, and number 3 in Asia.
Kaspersky warned that 17 percent of Filipino users’ systems are “infected with malicious programs or malware used by cybercriminals. Symantec said the country is hit by an average of 17 ransomware attacks per day. Another security firm, FireEye, reported that systems in the Philippines are “twice as likely to face an advanced cyberattack, compared to the worldwide average.”
Security experts have said the relatively small number of skilled IT and cyber-security professionals in the Philippines, and inadequate funding for government security measures, are the primary reasons for the high incidence of successful hacker attacks.