In a significant cyberattack, a Filipino hacktivist group named “ph1ns” successfully breached the Department of Science and Technology (DOST) servers, deleting up to 25 terabytes of crucial data and backups. The attack occurred between September 19 and 27, and the group managed to gain access to network-attached storage devices, virtual servers, and employee devices, wiping all accessible data in the process. The Department of Information and Communications Technology (DICT) confirmed the attack and noted that it rendered many employees unable to access their computers, significantly disrupting departmental operations.
The hacktivist group, which describes itself as a civil rights group inspired by historical anti-government movements, claimed responsibility for the attack under the hashtag #OpEDSA. Their actions were intended to highlight vulnerabilities in government cybersecurity and challenge the credibility of government operations. This incident is part of a broader pattern of increased cyber-activism and espionage that the Philippine government is currently combating, including significant threats from nation-state actors like China.
Following the breach, DICT and DOST have been working to address the vulnerabilities exposed by the attack, reassessing and strengthening their cybersecurity measures. The government has also been proactive in enhancing the national cybersecurity infrastructure in response to ongoing and escalating cyber threats. This includes the approval of a five-year National Cybersecurity Plan and the establishment of new leadership roles within the National Intelligence Coordinating Agency to better coordinate responses to cybersecurity threats.
