Cyberattack locks DOST out of system, hackers steal 2TB worth of data

By JISELLE ANNE C. CASUCIAN, GMA Integrated News Published April 3, 2024 11:36pm The Department of Science and Technology confirmed that at least two terabytes of data have been compromised by local hackers in a cyberattack on Tuesday. In a statement on Wednesday, DOST Secretary Renato Solidum Jr. confirmed the incident and stated that it […]

Cyberattack locks DOST out of system, hackers steal 2TB worth of data

Cyberattack locks DOST out of system, hackers steal 2TB worth of data thumbnail

By JISELLE ANNE C. CASUCIAN, GMA Integrated News


The Department of Science and Technology confirmed that at least two terabytes of data have been compromised by local hackers in a cyberattack on Tuesday.

In a statement on Wednesday, DOST Secretary Renato Solidum Jr. confirmed the incident and stated that it was being treated with the “utmost seriousness”.

“We are collaborating closely with the Department of Information and Communications Technology (DICT) to actively monitor the situation. Our technical teams are working diligently to address any vulnerabilities and reinforce our cyber defenses,” said Solidum.

“The DOST remains dedicated to ensuring the security and integrity of its digital assets. We will continue to enhance our cybersecurity protocols to prevent similar incidents in the future,” he added.

DICT Spokesperson Assistant Secretary Aboy Paraiso said that the compromised data locked out DOST from its own systems.

“Whenever these systems become vulnerable, it’s always attributable that the systems that they employ are vulnerable. Ibig sabihin, baka nakapagemploy sila ng isang [compromised] technology or their firmware or their security is medyo outdated, (This means they might have employed [compromised] technology or their firmware or their security is somewhat outdated)” said Paraiso in an interview with GMA News Online.

“It’s sometimes understandable kasi ang technology po talaga mabilis magpalit eh. (It’s sometimes understandable because technology really is quick to change) Sometimes you procure something and because of the process of the government, medyo matagal din ang procurement process natin… (Our procurement process is pretty long…) Something that you procure now may be obsolete 6 months from now,” he added.

The agency has since isolated all affected systems and placed preventive measures to avoid further hacking incidents.

“When DOST called us for our help, kasi kailangan naman talaga kasi we need their log-ins, DICT already sent our NCRT, National Computer Response Team natin. On premises na po sila since earlier today sa DOST. They conducted yung remedial, tiyaka mitigating processes natin para una, to mitigate di na ganon kapinsala, and [pangalawa,] to remediate para maayos and marecover yung mga access dito sa mga nacompromise na data,” said Paraiso.

(When DOST called us for our help, because they really have to because we needed their log-ins, DICT already sent our NCRT, our National Computer Response Team. They have been in the premises of the DOST since earlier today. They conducted the remedial and our mitigating process to first, mitigate the damages and [second], to remediate to repair and recover our access to the compromised data).

The local hackers who compromised the DOST system also left a note attributing the incident to a movement called “#opEDSA” organized by “ph1ns” and claimed that their actions were done to protest Charter change.

“Hindi natin sila mapigilan kung anong claim nila, but we can surmise right now and we can say [with a] degree of certainty that these are local threat actors. Tapos, when it comes to their motives, di pa natin matukoy what their true motives are for doing this but again because of the pattern ng pinaggagagawa nila dati, we can develop a profile about them and ascertain the true motives [of] why they’re doing this,” Paraiso said.

(We can’t stop them with whatever their claim is, but we can surmise right now and we can say [with a] degree of certainty that these are local threat actors. Then, when it comes to their motives, we can’t really say what their true motives are for doing this but again, because of the pattern of what they did before, we can develop a profile about them and ascertain the true motives [of] why they’re doing this).

“I’d like to reiterate the position of the government that we do not respond well to threats. We do not deal with these threat actors and we do not bend to the will of criminals,” he added.—RF, GMA Integrated News