Philippines must be ‘more astute’ in tackling online scam syndicates, says government official
Ivan John E Uy, Philippine Secretary of the Department of Information and Communications Technology, spoke to CNA’s Craig Dale about the country’s cyber challenges and how it plans to address this bilaterally.
DALIAN, China: As the Philippines beefs up its defences to stem a spike in cyberattacks and malicious online activities, it will hold its first “cyber-digital policy dialogue” with its traditional ally, the United States, next month.
Concerns are also mounting over scam syndicates disguised as Philippine Offshore Gaming Operators, or POGOs – online gambling firms, or essentially offshore casinos, that operate in the country but cater to overseas customers.
“We’ve traced them and we've taken many of them down,” said Ivan John E Uy, Philippine Secretary of the Department of Information and Communications Technology.
“So these are quite challenging, mainly because many of them operate from a legitimate licence facade. And so we have to be more astute in our cyber operations, in tracking down these activities,” he told CNA.
Mr Uy was speaking on Wednesday (Jun 26) on the sidelines of the World Economic Forum held in Dalian, China, where he addressed CNA’s questions about his country’s cyber challenges and how it plans to address this bilaterally.
The Philippines has seen an increasing number of cyberattacks – many supposedly China-based – as geopolitical tensions escalate in the region.
The Southeast Asian nation recently thwarted thousands of cyberattacks targeting the websites of President Ferdinand Marcos Jr, the Philippines Coast Guard, and the government’s IT agency.
While Chinese officials denied any involvement, Manila said that they had “pinpointed” some of the attacks to servers based in China.
In April, Mr Marcos approved a six-year national cybersecurity strategy to counter digital intrusions from abroad.
“BIG GAP” IN TACKLING CYBERSECURITY IN PAST YEARS
Amid all this, US and Philippines officials will seek to deepen cooperation on cybersecurity and the digital economy through its first-of-a-kind cyber-digital policy dialogue in July.
Mr Uy said he will be heading the Philippine delegation, which will comprise more than a dozen people representing different government sectors.
The American officials will include those from the State Department and the Department of Defense, he added.
“We are going to look at what are the challenges we face and how we can address it bilaterally – whether we're talking about providing better protection or building infrastructure, to building safer cyberspace for our citizens, as well as upgrading the skill sets or digital workforce,” he told CNA.
Mr Uy noted that as brick-and-mortar companies went digital during the COVID-19 pandemic, criminal organisations exploited their lack of cybersecurity.
Many small- and medium-sized firms then turned to the government to address this growing concern.
“Unfortunately, we've actually started addressing cybersecurity issues only in the last two years, so there was a big, big gap in the past years where all of these were just swept under the rug and completely ignored,” he added.
With cyber threat actors operating in a borderless society, Mr Uy said one of the challenges is attributing an attack to someone, especially given the ease of masking IP addresses.
“We perhaps have to deal with it in a more proactive way, in building up better cyber defences, regardless of where it's coming from, and of course, we're also looking at the different motivations,” he added.
“Some of them probably are state sponsored. Some of them are also done by cyber mercenaries.”
TROJAN HORSES FOR SURPRISE ATTACKS?
Meanwhile, CNA also asked Mr Uy about recent warnings from analysts that China could use POGOs as “trojan horses” for surprise attacks on the Philippines, in case of a conflict.
While he did not confirm the threat, he noted that the authorities have “busted a lot of scamming syndicates” that are operating as POGOs.
“They apply for a legitimate licence and then have their facade operating, or perhaps (they’re) actually operating as a POGO … but they occupy a whole building. Certain floors are not dedicated for gambling operations. They're doing scam operations or phishing operations,” Mr Uy added.
He also revealed that among those arrested were “Chinese employees” who were “victimising Taiwanese, Singaporeans” as well as their fellow countrymen.
“I think the government now is looking seriously into how this new area of cyber threats is happening in this sector, and see whether we should ban it, or we should increase our regulatory oversight over this,” said Mr Uy.
He noted ongoing debates over the benefits and risks of hosting such operations.
“I think our legislature is also looking at how these can be properly addressed,” he added.
STANCE ON TIKTOK
Separately, Mr Uy spoke about his nation’s stance on the popular video app TikTok, which is owned by Chinese parent company ByteDance.
While the US is threatening to ban the social media platform, Manila says regulation is key to addressing any espionage concerns.
Mr Uy said there is no basis for a TikTok ban unless there is clear evidence that the app is compromised.
“If you're talking about social media platforms, you're talking about streaming services or e-commerce platforms. They all use the same model, they gather data, they analyse your data, and then they customise your preferences based on those data … and that's the business model,” he noted.
“So we cannot, I think, isolate one particular platform and say that we want to ban you because you're using this, but everybody else that's using the same thing is okay – unless there is a clear showing that the platform is compromised. It is used for nefarious purposes.
“Then we have to look into that before we make a decision on whether it should be a platform that should be restricted,” he added.