The Bangko Sentral ng Pilipinas (BSP) said on Thursday that it continues to follow security protocols to protect its website against numerous hacking attempts amid growing security concerns in the wake of a high-profile data theft at the Commission on Elections (Comelec).
On the sidelines of the Financial Inclusion Summit 2016 on Thursday, central bank Governor Amando Tetangco Jr. admitted that there have been numerous attempts to hack the BSP website, but that all of them have been foiled because of the high security that the regulator has put in place.
“Yes there were attempts to hack the website, but we have been able to address that,” he said.
Tetangco said there will always be risks in terms of cyber security, but what is important is that these risks are properly addressed by firewalls and other security features that have to be embedded in the information technology systems of an institution.
“You know, hacking or attempts, they always happen, but what is important are these attempts should not be successful. In fact, we have intrusion prevention systems and firewalls,” he said.
“We remain vigilant and continue to follow security protocols for [the website’s]protection,” the BSP governor added.
In line with this, he noted that the BSP recently issued a directive to its supervised entities to make sure that they have robust security systems in their organizations.
BSP advised all its Supervised Financial Institutions (BSFIs) to strengthen their “know your customer” practices following the unauthorized disclosure of voters’ registration records of the Comelec.
The BSP said, “All BSFIs are enjoined to strengthen their KYC practices and exercise extra vigilance against possible misuse of said information for financial transactions.”
Specifically, the central bank directed BSFIs to take additional steps to avoid relying on the information that could be obtained from the several websites where the stolen Comelec data was posted. That static information, the BSP said in its memorandum, “should be supplemented by requests for additional proof or secondary information to establish the true identity of new and existing clients.”
Hackers obtained 55 million voters’ records from the Comelec database and posted them online at the beginning of the month, including passport details of 1.3 million overseas Filipino workers and digital fingerprint records for 15.8 million people, according to online security firm TrendMicro.