Cybersecurity: A Common Peril
April 27, 2022
Growing Danger in a Digitalized World
In November of 2020, the Philippines experienced a massive data breach in the transportation sector. A fake website purporting to be an official page of the country’s Land Transportation Office (LTO) asked users to register information about their vehicles, including license plate number, vehicle type, date of registration, and the owner’s identity. Almost 10,000 drivers submitted this information, believing it was an official government website. The creators then used these personal details to obtain records from the real LTO website and acquire even more data. The website was shut down after the fraud was discovered, and the National Privacy Commission launched an investigation. Overall, 9,952 driver’s licenses and identifying information for 19,406 motor vehicles were stolen. It remains the biggest theft of Philippine drivers’ data to date.
While incidents like this have occurred around the world, the Philippines has been a proving ground for cyberattacks, due to its weak defenses. Cybersecurity threats to states, companies, and individuals have emerged as a major risk with often crippling, real-world implications. Covid-19 unleashed a tsunami of cyberattacks on electoral, health, transportation, and financial systems seeking sensitive personal data, while rampant disinformation from troll farms targeted a population spending more and more time on social media.
These growing risks are the subject of a new report, Cybersecurity in the Philippines: Global Context and Local Challenges, by Secure Connections, a coalition of cybersecurity advocates supported by The Asia Foundation. The group includes specialists in fields such as network security, finance, electoral systems, and legislation.
The research team studied how the global pandemic was affecting security in our online spaces. It soon became clear that these digital threats will persist well beyond the immediate health crisis. They are the consequence of larger changes in the global order, driven in part by the actions of major countries that shaped it.
The research combined information from existing studies and reports with interviews with experts, advocates, and industry insiders, especially in important sectors such as banking, transportation, e-commerce, water, energy, and electoral systems. The series of essays that make up the report addresses questions such as where cyber threats originate, why certain actors target vulnerable individuals online, and what structural factors constrain the development of better security in these fields.
Defining the Cybersecurity Landscape
The report offers several key findings about the nature of cyberattacks and the actors who orchestrate them. First, while cyberattacks originate in digital space, they cause real-world harm. The Philippine economy is uniquely dependent on internet technologies. A large chunk of our GDP comes from the business-process outsourcing industry. When these digital technologies are compromised, our national industries are also affected. The tangible harms of cyberattacks were felt, for example, in the massive bank hack that took place in December 2021. Funds from 700 clients of Banco de Oro were stolen by a syndicate of two Nigerians and three Filipinos. The funds were transferred to a dummy account, triggering another investigation by the Bangko Sentral ng Pilipinas. The attack was doubly alarming because banks usually have the most rigorous digital security.
Another important finding of the report is that cyberattacks are taking place in a rapidly digitizing world and an internet increasingly divided along national lines. The pandemic accelerated the shift to digital spaces that was already taking place. E-commerce, telemedicine, and working from home have multiplied opportunities for online attacks. The problem has been compounded by the philosophical divide among the world’s most powerful nations over how to regulate the internet. On one end of the spectrum are states that believe in a free and open internet where individual privacy is paramount and takes precedence over government oversight. On the other end are states that believe the internet must be subject to pervasive government control to maintain social order and promote national interests.
In the domestic sphere, the report found that the Philippines lacks a systematic governance framework to respond to cyberattacks. This is due in part to misconceptions that cyber threats are not as serious as other threats or that the Philippines is an unlikely target of rogue actors.
One of the first steps in the research process was to take stock of existing laws and policies. It became apparent that there is no holistic legal approach to cybersecurity. Current laws focus only on a specific subset of issues, such as data privacy (the Data Privacy Act of 2012) and cybercrime (the Cybercrime Prevention Act of 2012). The Department of Information and Communications Technology has produced a roadmap for improving national cybersecurity, the National Cybersecurity Plan of 2022, but the plan is contingent on the availability of funding and resources.
Without a controlling legal framework, government agencies fail to take the necessary steps to protect their information systems. This was evident in a recent hack of the electoral system. In January 2022, the Manila Bulletin reported a breach of the server of the Commission on Elections (COMELEC). The hackers stole 60 gigabytes of data, including usernames and personal identification numbers from vote-counting machines, network diagrams, IP addresses, lists of all privileged users, domain administration credentials, passwords and domain policies, access to the ballot-handling dashboard, and QR code captures. In response, the National Bureau of Investigation launched a probe with Smartmatic and COMELEC officials to get a clearer sense of the incident. The results of the full investigation have not yet been released. So far, the incident has brought calls from several groups for COMELEC to take stronger measures to maintain the integrity of their systems.
A Common Peril
The research team tried to write for both policymakers and the public, reflecting a key recommendation of the report: to treat cyber resilience as both an individual and a collective responsibility. Policymakers should close the knowledge gap for individuals through concrete initiatives such as skills training for cybersecurity specialists and cybersecurity education in schools.
At the policy level, small improvements to our digital security frameworks can deliver huge benefits. One step would be to adopt minimum information-security standards to keep vital information safe, confidential, authentic, and available only to those with authorized access. And all interventions must be based on hard data. Sectoral data on cybersecurity incidents and practices must be collected at the local level to formulate evidence-based solutions.
The team hopes that the report will advance the cybersecurity agenda in the Philippines. The report provides a baseline assessment of where we are today as a starting point. Updating our existing cybersecurity frameworks will cost time, money, and political capital. But inaction will be even costlier: we cannot afford to fall behind in protecting our collective cybersecurity.
Read the full report, Cybersecurity in the Philippines: Global Context and Local Challenges.
Basilio Claudio is a program officer for The Asia Foundation in the Philippines. He can be reached at [email protected]. The views and opinions expressed here are those of the author, not those of The Asia Foundation.
About our blog, InAsia
InAsia is posted and distributed every other Wednesday evening, Pacific Time. If you have any questions, please send an email to [email protected].