DICT confirms hacking of disaster management unit

The Department of Information and Communications Technology (DICT) on  Tuesday confirmed that the website of its Disaster Risk Reduction  Management Division (DRRMD) was affected by a data breach.

The DICT, however, said that the DRRMD’s system was not connected to the system at the central office and it was designed to have fewer firewalls for the easier flow of information in disaster response.

“It has its own system. It’s designed primarily para making porous po talaga ito (It was designed to be porous). Because it’s a disaster response system, the influx of information should be porous as well as the response time should be fast,” said DICT spokesperson Aboy  Paraiso in a virtual presser.

The DICT also said that no sensitive data was breached with only less than 5 megabytes of information being affected.

“With the extent of the breach, hindi siya gaanong kalaki. Again, there are very, very few information that was integrated into that system or that is being stored in the system - the assets, the employees of the DICT,  and some other disaster-related information,” said Paraiso, noting that the agency had reported the incident to the National Privacy  Commission.

Cybersecurity advocacy organization Deep Web  Konek said earlier in the day that “ph1ns_ph claims responsibility for the stolen data and leaves a political message urging stronger  cybersecurity measures.”

The group shared a screenshot of the defaced website of the DICT unit, in which the hacker said: “To complete my message, this attack is not  only to mock DICT’s reputation but also to strengthen the country’s  cyber defense by humiliating them.”

The DICT said that it took back control of the website's system in less than an hour.

The latest hacking incident came days after the DICT said that the  Philippines was now ''significantly better'' when addressing cyberattacks. — DVM, GMA Integrated News