The Philippine government should strengthen partnership with the private sector and collaborate with other allies in the fight against cybercriminals, cyber defense and geopolitical said.
Dan Ennis, former director of the United States National Security Agency’s Threats Operations Center, said the strong alliance between the government and the private sector has been proven effective in fighting all forms of cybercrime.
“The biggest strategy you can do, from my perspective, to defeat cybercrime is by sector, by entity, by company, by government agency, by wherever you sit. Set a set of priorities that you will focus on and then communicate those priorities again and again and again, said Ennis during a forum held recently on the establishment of a strong and credible cyber defense posture in the Philippines hosted by the Stratbase Albert del Rosario Institute in partnership with the US Embassy in the Philippines.
"They may change over time, but that communication will do a lot of good, both in helping defend and helping our public gain confidence that we know what we’re doing both in the government and in the private sector,” he added.
Ennis believes cyber threats will continue to evolve as seen in recent developments: “I think our citizenry are going to begin to challenge us both in the public and private sphere with how we respond to cyber. At some point, our citizenry, our public, as they get more educated and as we attempt to fully educate them, is going to demand solutions. It’s an area that we need to be conscious of."
The proposal was recognized by the Department of Information and Communications Technology (DICT), saying it has been pursuing the partnership amid the budget cuts in 2023.
DICT Undersecretary for Special Concerns Paul Joseph Mercado said the agency originally asked for a P34 Billion budget for next year but only P5 Billion was allotted in the proposed 2023 national budget.
“We are trying to make do with what we have. We will try to pursue public-private partnerships. There are ways even with limited budget. If we spend this correctly, I think we will still have a very good future ahead of us in terms of these ICT projects,” Mercado explained.
Whopping increase
The discussion on the cybercrime came amid the notable increase in cybercrime especially during the Covid-19 pandemic when millions of people were forced to shift most of their activities due to lockdowns and other health safety measures.
In its data for instance, the National Bureau of Investigation earlier said that there was a more than 200 percent increase in phishing cases reported to the agency in 2020.
The Department of Justice’s Cybercrime Office, on the other hand, also reported a 264 percent increase in the number of reported online sexual exploitation of children in March-June 2020 alone.
A 2021 survey by Cybersecurity firm Sophos also showed that 69% of Philippine organizations experienced ransomware attacks in 2021. The Bangko Sentral ng Pilipinas also reported receiving 42,000 complaints related to online transactions in 2020-2021, amounting to P540 Million.
Collaborate with state allies
Stratbase ADR Institute President Dindo Manhit urged the Marcos Jr. administration “to explore opportunities to engage in bilateral, minilateral, and multilateral initiatives such as capacity-building and expertise-sharing activities with like-minded partners such as the United States.”
Manhit said cybersecurity must be treated as a matter of national security.
“The country’s digital infrastructure needs to be strengthened as a result of the ongoing exposure to cyber threats, thus policies and initiatives must be developed and put into action,” he added.
Recognizing that building a state’s cyber capabilities is a regional concern, Manhit stresses the need for collaboration in the Indo-Pacific region to enhance defensive and offensive cyber capacities, increase state interoperability, and ensure collective security.
“More importantly, the Stratbase ADR institute advocates for the responsible utilization and behavior of states and other actors in cyberspace and urges everyone to recognize that international law governs both online and offline spaces... the need for cybersecurity is an opportunity for cooperation among states in the region. Only by creating a strong and credible cyber defense posture will the Philippines and Indo-Pacific be able to achieve a secure and trustworthy digital community,” Manhit said.
United States’ Cybersecurity and Infrastructure Security Agency Program Manager Paolo Pascetta said relationship with its treaty allies in the region, including the Philippines, is a paramount importance to the United States as they confront threats from state and non-state actors.
Pascetta said CISA plans to hold training sessions on cyber hygiene and cyber work force development in Manila in the early 2023.
“I don’t think that it’ll come as a surprise that cybercrime is exploding. Various projections exist numerically anywhere from 4 to 6 trillion annually is the cost of cybercrime. It is also anticipated that the digital transformation as part of another industrial revolution that we are currently undergoing will create an estimated hundred trillion of additional value to the world economy by 2025,” Pascetta explained.
De La Salle University Assistant Professor of International Studies Francis Domingo also urged the government to strengthen the National Security Cybersecurity Plan by including diplomacy and the Department of Foreign Affairs in the framework.
“Diplomacy was not figured in the plan. The Department of Foreign Affairs was not part of the inter-agency framework. They are front and center because of what’s happening now, the increasing cyber skirmishes. So diplomacy means norms. Diplomacy means international law. We already have a set of cyber norms," Domingo explained.
“I argue that if we’re facing, let’s be blunt, Chinese cyber operations, the logical strategy is to leverage our alliance because we already have it. Whether the treaty covers cyber is still in a gray area but it does not mean that we can’t focus on capacity building, we can’t focus on exercises, and we can’t focus on diplomacy,” he added.