No sensitive data was compromised during the recent hacking incident at the Department of Science and Technology (DOST), considered as “one of the biggest” in recent years in terms of compromised data, the Department of Information and Communications Technology said.
The DICT said while it was able to recover part of the hacked system, the DOST has yet to gain access to its own website.
“We are still isolated and we are still locked out from accessing part of the system,” said DICT assistant secretary Renato Paraiso in a virtual briefing.
The DICT has yet to restore access to approximately two terabytes of data on the DOST network that includes information such as schematics, designs, invention proposals, and scientist profiles.
Websites within the DOST network were also compromised.
“This is recently one of the biggest (hacking incidents). Our assessment indicates that the compromised data may include a mix of current and older designs. Regardless, we are taking all necessary steps to mitigate any potential impact of the breach,” Paraiso said.
He said the DOST’s network video recording (NVR) solutions were not secure enough to block hacking threats as it allowed threat factors to penetrate the system.
Paraiso said it usually takes about 45 to 60 days to procure new anti-hacking systems and tools, which is quite slow compared to the pace of global advancements on ICT development.
He said it was still premature to conclude the recent hacking episode was a ransomware attack.
“Unlike with the PhilHealth hacking, this one does not look nefarious and may not affect the public. The PhilHealth hacking incident has compromised many personal data,” he said.
As this developed, the Armed Forces of the Philippines on Thursday said it is boosting its
cyberdefense capabilities by investing in technology and personnel that could help neutralize hacking threats.
“The AFP is enhancing its cyber capabilities through a combination of modernization efforts and strategic investments in technology, training, and partnerships,” AFP spokesperson Col. Francel Padilla said.
These include upgrading the AFP cyberinfrastructure, investing in cutting-edge cybersecurity tools and software, and providing specialized training to personnel.
“We are also enjoining cyber professionals to join our ranks or become reservists,” she said.