‘White hat’ hackers welcome to partner with DICT to expose government vulnerabilities

THE Department of Information and Communications Technology (DICT) is open to partnering with “white hat” hackers to expose government vulnerabilities and reduce attacks to public systems.

However, the agency admonished the “hacktivists” against dumping data on the internet. “We are open to partnering with these individuals. But if your way of activism is dumping these data on the web, personally, I would doubt your intentions. If you are true to your intentions, then contact us directly,” DICT Spokesman Renato Paraiso Jr. said.

In an interview late Wednesday, Paraiso said the recent infiltration of the National Police’s Firearms and Explosives Office licensing systems was claimed by hacktivist “ph1ns.”

However, the ICT department is “not ruling out other possibilities as well.”

“We have to validate the claim,” Paraiso said.

As of press time, the DICT is still assessing the impact of the hack; however, reports have shown that the hacker has said to have exploited the vulnerabilities of the FEO, gaining access to 1.5 terabytes of sensitive data.

“It was a shotgun approach. They tried to penetrate several systems and when they got a vulnerability, they targeted it for one to two months before they were able to access it,” Paraiso said.

The compromised data includes detailed personal information of hundreds of thousands of individuals—names, addresses, dates and places of birth, occupations, educational backgrounds, medical records, religion, and family information.

Additionally, financial transaction records such as names, transaction numbers, dates, pay slips, firearm registration status, and emails were leaked. The database contains 1,562,463 entries in the transactions table, affecting approximately 590,000 individuals.

The breach even had data entries related to high-profile political figures, including President Marcos and Vice President Sara Duterte.

Paraiso noted that the National Police’s cybersecurity system is not “off-the-rack.”

“The system of the PNP is not to be messed with, but even the most sophisticated system has vulnerabilities,” he said. “With technology ever evolving, what you procure now may be obsolete in six months—so we have to practice cyber hygiene like constant testing.”

Paraiso likened this to purchasing shoes.

“It has wear and tear,” he said.

He noted that the attack is not consistent with that of ransomware.

“It’s an exfiltration of data from that particular system. We don’t have any reason to believe that it was ransomware,” Paraiso said.

The hacker, “ph1ns,” claims in their X profile that they are the “DICT’s best friend.”

Just on Thursday, the hacker called on the National Police, citing another vulnerability.

“Dear PNP, your implementation of 2FA [two-factor authentication] for e-mails doesn’t work well. It is still possible to connect directly to the IMAP [Internet Message Access Protocol] and SMTP [Simple Mail Transfer Protocol] servers using a mail client and bypass 2FA this way,” the hacker said.

It appears that “ph1ns” is a hacktivist who exposes government vulnerabilities for correction.

Paraiso said the DICT is open to working with the likes of “ph1ns.”  The caveat, however, is for them not to expose these vulnerabilities to the public.

The government has been seeing a slew of digital attacks over the past few months. These include hacks on the systems of the Philippine Health Insurance Corp., the Congress, the Senate, and the Department of Education, among others.