Who's the hacker? Comelec says its welcome to investigations

It's the election season, and the Commission on Elections' (Comelec) assumption is that whoever committed the alleged hacking of its servers believed that it would tarnish the May 2022 polls' reputation.

NTT’s October Threat Report sees hackers infiltrating systems through email

For this very reason, Comelec spokesman James Jimenez said in a press briefing on Wednesday, Jan. 12 that they are very intent on finding out who is behind this in order to defend the integrity of the elections.

According to him, the Comelec is working hard to validate all allegations because they understand how important it is as many have already expressed concern over it, especially Malacañang.

"Many quarters have in fact called for investigations. Comelec welcomes these investigations. We are eager to participate in these exercises," he added.

When was it reported?

Jimenez said that Comelec did not just react on Jan. 10 when the article regarding the alleged hacking was published as per the claim of Art Samaniego Jr., Manila Bulletin's Technology Editor & IT Head on his post on Jan. 11 on his Facebook account.

"We were told that a group was trying to reach out to Comelec and we were taking it through the proper channels," he recalled.

The Comelec spokesperson said that the information they obtained was suspicious from the beginning and explained that they cannot just act on it immediately since they must verify it first.

"This was brought to our attention Saturday. Throughout Sunday we were validating it. Monday we were told that the person allegedly holding the data would give three days before they go public. But two to three hours later, MB published its story with scant substantiation. Go back to the article that MB came out and it had no substantiation at all for the claims being made. That's where we're at. Wrong to say comelec reacted only January 10," Jimenez said.

READ: Comelec servers hacked; Downloaded data may include information that could affect 2022 elections

MB's article stated that a group of hackers allegedly breached Comelec's servers and was able to download more than 60 gigabytes of data that could possibly affect the May 2022 elections.

So far, Jimenez said that their internal investigation is going well. He stated the Comelec is speaking to law enforcement to assist them in determining the provenance of the information that they're looking at.

"But in the meantime, we're verifying na yung info that was supposed to be exfiltrated from us, is not actually for 2019 or 2022. So it's actually the wrong information for that category of information," he said.

Financial reward, possible scenarios

Jimenez said that they are cooperating with law enforcement, specifically the National Bureau of Investigation (NBI) to determine where this information came from, who is behind it, and what their motivations are.

Whether their goal is to undermine elections or something else, Jimenez said that this is just one of the many possible scenarios.

"Some people have also spoken about how this could be an attempt to expose a vulnerability in exchange for some financial reward...right now, we can't narrow down which one is actually the real thing...but again as part of the investigation we are looking at all different scenarios" he mentioned.

Jimenez said that they have not yet spoken to the said "group" behind the alleged hacking who was supposedly asking for a financial reward.

"Incidentally, we have not been able to verify their existence independently either. So at this point, the only we know of them is through the claims made by the Tech team of Manila Bulletin," he explained.

No evidence of breach

Jimenez said that they saw no evidence of breach saying that as far as the commission is concerned, they are confident that nothing was hacked from them. Despite this, he said that they still want to get to the bottom of the incident if it ever happened in the first place.

READ: Comelec chair brushes off hacking report, calls it 'fake news'

"Anytime someone makes a claim like this, no matter how far-fetched it might turn out to be, nalamatan na ang credibility. Nandyan na e. Tinatanong na (The credibility has been besmirched. It's already there. It's being asked about)," Jimenez stated.

"People are already taking advantage of the mere fact that that question has been asked. So it is important that Comelec address it squarely, to really face it, to show to everyone that our system is secure and that we are doing everything possible and necessary to make sure that our data is protected," he added.

He said that Comelec has confidence in the security of its systems and the procedures it has undertaken since 2016 to ensure its data is hardened and cannot be unlawfully accessed.

Comelec and MB are set to appear at a "clarificatory meeting" before the National Privacy Commission (NPC) on Jan. 25.

Philippines

Who's the hacker? Comelec says its welcome to investigations

By Dhel Nazario

{{ articles_filter_1561_widget.title }}

{{ item.title }}

{{ articles_filter_1562_widget.title }}

{{ item.title }}

{{ articles_filter_1563_widget.title }}

{{ item.title }}

{{ articles_filter_1564_widget.title }}

{{ item.title }}

{{ item.section_name }}

{{ item.title }}

By {{ item.author_name }}

At A Glance

Join Our Newsletters

Philippines

Who's the hacker? Comelec says its welcome to investigations

By Dhel Nazario

{{ articles_filter_1561_widget.title }}

{{ item.title }}

{{ articles_filter_1562_widget.title }}

{{ item.title }}

{{ articles_filter_1563_widget.title }}

{{ item.title }}

{{ articles_filter_1564_widget.title }}

{{ item.title }}

{{ item.section_name }} | {{ item.sub_section_name }}

{{ item.title }}

By {{ item.author_name }}

Sponsored By

At A Glance

Join Our Newsletters

{{ item.section_name }}