Amid the numerous cyberattacks that government agencies suffered from in the past weeks, Sen. Alan Peter Cayetano floated the idea of providing reward money for catching perpetrators behind cyberattacks provided that there's a stiff penalty for it.
Cayetano, who chairs the Senate Committee on Science and Technology made the statement during the investigation on the recent cyberattack against the Philippine Health Insurance Corporation (PhilHealth).
"Yung crime na ginawa niya kulong ng five years, yung nagsumbong sa kanya may P250,000 o P500,000 (The crime is punishable by five years and imprisonment and the one who informed gets P250,000 or P500,000) it prevents major breaches of our cybersecurity then it's worth it," he added.
The senator also stated that what's good with reward money is that it can be returned if it's not used.
Meanwhile, Cayetano also stated that confidential and intelligence funds (CIF) are clearly needed by agencies that deal with security.
He pointed out that the Department of Information and Communications Technology (DICT) can purchase information by hiring a black hacker that will be paid through confidential or intelligence funds.
"There are certain agencies na klarong-klaro kung saan kailangan at mayroong hindi (that clearly need [CIF] and there are those that not). Ang klarong-klarong kailangan (What's clear is) when you have to do with security," Cayetano said.
"Madali kasi yung security kapag pisikal mong nakikita (Security can be easy when you can physically see it)...yung attack na cyber hindi mo kita kung sino gumawa (the cyberattack you wouldn't see who did it) so that's where the real use of intelligence and confidential can come in," he added.
Asec. Mary Rose Magsaysay, Deputy Executive Director Cybercrime Investigation and Coordination Center (CICC) pointed out that stripping DICT of its confidential funds is like preventing access to secure connectivity since taking care of the country's cybersecurity falls on the shoulders of the agency.
On the other hand, Cayetano also stated that perhaps there may be a way to upgrade the country in a sense that would make hackers think twice before even trying to access a government website.
"You won't basically stop them unless mahuli lahat but you can minimize it to the point na it's not worth their time kasi nga very much ready ang Pilipinas na kontrahin," he added.
DICT Assistant Secretary Jeffrey Ian Dy agreed with this notion and explained that under the National Cybersecurity Plan, they're implementing a protocol wherein at the top is the National Computer Emergency Response Team tasked to handle critical infrastructures with a counterpart in the Armed Forces of the Philippines (AFP) which is the Department of National Defense (DND) - Computer Emergency Response Team.
"In this model that's what we're trying to do to make sure that there is a single point of contact and then from there we can coordinate with other organizations that also have the mandate like the CICC, NBI, PNP, and the NPC," he added.