Three suspects who claimed to be behind the hacking of government systems have been arrested by the National Bureau of Investigation (NBI).
The NBI declined to name the arrested suspects who all wore hoods and sunglasses when they were presented before the media during a press conference.
“During my turnover I have promised you, I have announced publicly that I will pounce on cybercrimes,” said newly appointed NBI Director Jaime Santiago on Friday, June 21, during the press conference.
The NBI said the suspected hackers were arrested while dining at the Manila Hotel on Wednesday night, June 19, during a “cyber hot pursuit” operation conducted by operatives of its Cybercrime Division.
“They have undergone inquest proceedings and cases have been filed,” said Santiago.
A complaint was filed against the three suspects for illegal access under Section 4(a)(1) and misuse of device under Section 5(iii) of Republic Act (RA) 10175 or the Cybercrime Prevention Act of 2012; and unauthorized access or intentional breach under Section 29 of RA 10173, otherwise known as the Data Privacy Act of 2012.
Lawyer Jeremy C. Lotoc, chief of the NBI-Cybercrime Division (NBI-CCD), said the arrested hacking suspects, all of whom became members of hacker groups Pinoy LulzSec and Global Security Hackers, include a data officer of the Manila Bulletin, cyber security researcher of a company in Bonifacio Global City, and a graduating college student. The suspects have all issued extrajudicial confessions in the presence of their lawyers.
Lotoc assured that their extrajudicial confessions are not the only evidence the NBI-CCD has.
“Meron na tayong tinatawag na digital forensic analysis. Since hawak po natin ‘yung mga devices nila iu-undergo natin ito sa digital forensics at ito ho ang magiging isa sa mga matibay na ebidensya (We have what we call digital forensic analysis. Since we have their digital devices, we will place these under digital forensics and these will be used as strong evidence),” the lawyer said.
Meanwhile, Lotoc said that from the controlled viewing conducted by the NBI-CCD on the device of one of the suspects named “Illusion,” it revealed that it contains the account credentials from several banks, including Philippine National Bank (PNB), Banco de Oro (BDO), Unionbank and Security Bank.
The NBI official noted these contain thousands of data, including credentials, passwords, user names, and one-time passwords (OTP).
“Tatanungin namin ang mga bangkong ito kung nag-eexist ba itong mga data. Kasi ito ang gagamitin ng mga scammers natin sa kanilang exploit (We will ask these banks if these data exist. These could be used by scammers in their exploits),” he said.
Lotoc said the hacking suspects bared in their extrajudicial confessions their exploits since they were still minors.
“Noong nasa Pinoy LulzSec sila ang in-exploit naman nila base sa kanilang statement ‘yung ating Armed Forces of the Philippines, ‘yung Philippine Army daw nila allegedly, ‘yung Philippine Navy nakasama, even the National Security Council (When they were with Pinoy LulzSec, they said in their statements that the hacked the Armed Forces of the Philippines, the Philippine Army, the Philippine Navy, and the National Security Council),” he said.
Lotoc revealed that the NBI-CCD has been monitoring the activities of the arrested hackers since 2016 but could not act against them since they were still minors.
The NBI-CCD chief, citing the statement of one of the suspects, said “ang ina-allege n’ya base sa kanyang extrajudicial confession ang may hawak sa kanya at nag-uutos sa kanya na mag-exploit ng mga system ay isang editor ng Manila Bulletin (he alleged that is being handled by an editor of the Manila Bulletin who orders him to do the exploit of the system).” During the press conference, the suspect implicated Arturo Samaniego.
Samaniego, Manila Bulletin Senior Technology Officer, vehemently denied the allegation of the employee. Manila Bulletin has already identified the arrested employee but is withholding his identity in deference to the NBI, which did not name him.
“As a responsible corporate citizen, the Manila Bulletin has always adhered to the laws of the land and requires its employees to be law abiding. We are conducting our own investigation to get to the bottom of the issue. We hope our employees will be accorded their rights. We assure the public of Manila Bulletin’s utmost fidelity to the country’s laws,” Manila Bulletin said in a statement.
Lotoc said the NBI-CCD will serve a subpoena to Samaniego to shed light on the allegations as part of due process.
“And then from there magpo-proceed kami sa filing ng kaso (And then from there we will file a case),” said Lotoc.