GMA Brandtalk
Tracking
Archives
DICT finds 73,000 vulnerabilities in over 1,000 gov’t sites
The Department of Information and Communications Technology (DICT) said that it has found 73,000 vulnerabilities from more than 20,000 government digital assets.
DICT Undersecretary Jeffrey Ian Dy said these vulnerabilities affect over 1,000 government agencies, including local government units and government-owned and controlled corporations.
“More than 20,000 assets of government are scattered in data, we found approximately 73,000 vulnerabilities,” he said in an interview with “The Mangahas Interviews.”
The vulnerabilities were discovered through the DICT’s Project SONAR or the Security Orchestration and Network Assessment and Review System.
“Bakit namin ginagawa ito? Kasi ginagawa rin ng hacker yun. Inuunahan lang namin. After that, ina-advise namin yung government agency, this is the unfortunate part,” said Dy.
(Why do we do this? Because the hackers do this. We just go ahead of them. After that, we advise the government agency that this is the unfortunate part.)
“So itong Project SONAR, ang tinitignan lang nito ay technological vulnerability. Ibig sabihin kung ano yung weakness ng sistema,” he added.
(So Project SONAR looks into technological vulnerability. This means identifying the weakness of the system.)
Despite efforts from the DICT to inform government agencies of their vulnerability, Dy said that only 21% have responded to the recommendations to protect their system from hackers.
But the DICT said the lack of information technology professionals in government could be the reason behind the low figure.
Hence, the agency coordinated with the Civil Service Commission and the Department of Budget and Management or DBM to open up plantilla positions for cybersecurity workers.
“Nakikipag-usap kami sa Civil Service Commission at sa DBM para magkaroon ng cybersecurity professional sa plantilla. Kasi kapag tiningnan mo yung government catalog of government employees, walang cybersecurity,” said Dy.
(We are in talks with the Civil Service Commission and the DBM to open plantilla posts for cybersecurity professionals. Because if you look at the government catalog of government employees, there are no positions for cybersecurity experts.)
"Hopefully we can finish the catalog if not this year, by the first half of next year,” he added. — Vince Angelo Ferreras/BAP, GMA Integrated News
