Metro Manila (CNN Philippines, January 12) — The Cybercrime Investigation and Coordinating Center (CICC) has yet to rule out the possibility that a cyberattack caused the shutdown of the country’s air traffic management system on New Year’s Day.
At a Senate hearing on Thursday, CICC Undersecretary Alexander Ramos clarified it had only conducted an initial investigation, which is “not conclusive.”
“The priority that was given to us is to help CAAP (Civil Aviation Authority of the Philippines) restore its system to normalcy. That’s why we brought in equipment and manpower on orders of the DICT (Department of Information and Communications Technology) Secretary,” Ramos said.
“We have not gone beyond that restoration process. If there was a cyberattack, we have not reached that level of communication within the CAAP,” he added.
Ramos also said the CICC lacks the tools and equipment to scan the system.
“So there’s still a possibility what happened is due to cyberattack?” Sen. Win Gatchalian asked.
Ramos responded: “It may be, but we need to conduct an assessment.”
Gatchalian called for a formal investigation, and said he will request a more detailed briefing in an executive session.
“We cannot rule out cyberattacks as a cause of this disruption. In their report its written there ‘unlikely’ which gave me the impression that it’s already out of the table,” Gatchalian said. “But right now because of their request for an executive session, it seems to me a possibility and urgency that should be looked at.”
Sabotage?
Meanwhile, Senate President Miguel Zubiri raised the possibility that internal sabotage was behind the NAIA breakdown.
“I cannot fathom the idea that the CNS/ATM [Communications, Navigation and Surveillance Systems for Air Traffic Management] would conk out on its own,” Zubiri said.
He decried the lack of closed-circuit television (CCTV) cameras within the CAAP’s CNS/ATM equipment room.
“Are you trying to tell me that in this most sensitive section, there is no CCTV footage? Hindi ko po maintindihan na walang security footage diyan sa pinakamaselang lugar ng mga equipment ng CAAP. Hindi natin alam, baka may double agent na diyan, o may tao na diyan na nag-sabotage ng equipment,” Zubiri said.
[Translation: I don’t understand why there is no security footage in the most sensitive area with the CAAP’s equipment. We don’t know, there might be a double agent or a person who sabotaged the equipment.]
Both Gatchalian and Zubiri have called for thorough, forensic investigations into the possibility that a cyberattack or sabotage from within the CAAP was behind the fiasco.
Sen. Risa Hontiveros pointed out that the CAAP’s role in the investigation might prove to be a conflict of interest. “Perhaps we at the Senate should consider a different aviation body that could join the investigation,” she said.
Senators also lamented the state of the CAAP’s equipment after it was revealed that third-party experts had not conducted maintenance checks on the CNS/ATM and the system’s uninterrupted power supply since 2020.
The CAAP instead conducted its own in-house maintenance checks through trained employees.
READ: CAAP, DOTr eye new backup air traffic management system by Q1 2023
