Metro Manila (CNN Philippines, October 18) — Confidential funds will be useful for government agencies prone to cyberattacks following the recent data breach on the Philippine Statistics Authority (PSA) and the Philippine Health Insurance Corporation (PhilHealth), Senator Alan Peter Cayetano said.
He pointed to the Department of Information and Communications Technology (DICT) as among agencies which need confidential funds.
The DICT can use the funds to buy information, including hiring a \” black hacker\” as a government asset, or to pay rewards to tipsters, he added.
\”Kung ang penalty sa crime na ginawa ay kulong ng five years, then yung nagsumbong sa kanya may P250,000 or P500,000, it prevents major breaches of our cybersecurity. It’s worth it,\” Cayetano said during the Senate Committee on Science and Technology hearing on Tuesday. Cayetano is chairman of the committee.
[Translation: If the penalty for the crime committed is five years jail time, then the one who tipped off the hacker can get P250,000 or P500,000]
The lawmaker said that the PSA data breach on its Community-Based Monitoring System (CBMs) on Oct 11. and the PhilHealth’s medusa ransomware attack on its data on Sept. 22 were clear signs that the confidential funds are needed.
READ: PSA says alleged data breach limited to one system
READ: Hackers demand $300,000 for compromised PhilHealth database
Cayetano said DICT should conduct a \”fire drill\” so government offices from the national level down to its branches can be ready when such cyberattacks happen in the future.
\”Can we have a code red na when you text all of your branches, that will simply mean [kailangan] patayin na [nila] lahat ng computer [they need to turn off the computer]and wait for further instructions?\” he said.
DICT Undersecretary Jeffrey Ian Dy said the agency does not yet have that sophistication for such a singular command, but its systems for faster communication are now in place.
RELATED: DICT appeals to Congress, bares repercussions of slashed cybersecurity budget, zero confi funds
https://www.cnnphilippines.com/news/2023/10/11/dict-cybersecurity-budget-confidential-funds.html
For his part, PhilHealth Chief Emmanuel Ledesma Jr.said that the ransomware attack does not have a huge impact on its database system.
\”Although some membership data has been compromised, our production servers are intact. It was the individual workstations that were affected,\” Ledesma said.
