The Department of Justice (DOJ) vowed to act with urgency as it investigates the personalities responsible for the hacking of the website of the Commission on Elections (Comelec) that leaked 70 million voters’ sensitive information online.
Acting Secretary Emmanuel Caparas said that the department is coordinating with the United States and other agencies who wished to help unmask the masterminds.
“We already put together agencies that are tasked to look at online and cybersecurity to investigate the hacking,” the DOJ chief said.
Last week, a website made allegedly by Lulzsec Pilipinas showed the Comelec’s entire database, which contained sensitive information of millions of voters, circulating this online.
The data discloses the voters’ birth date, address, date of registration, fingerprint information, passport information and other vital information.
“We want this done immediately. The election is coming in two weeks. Please be patient and know that your authorities are looking to it,” Caparas said.
He however admitted that there are limitations in dealing with the issue, claiming that cybercrime is borderless, and could go beyond its scope of jurisdiction.
“Cybercrime is borderless. Its process and laws are still evolving, and we have to give it a chance. We are just one in the field of many participants. Maybe you can call this learning
as you go experience,” Caparas said.
“This is just once instance of cybercrime where data is compromised and made available illegally. It is an evolving field, mahirap yan, technology yan e [that’s difficult; it’s technology],” he pointed out.
Caparas asked the public to be vigilant and immediately report cybercrime cases to the authorities.
The hacking of the Comelec website should be a wake up call for agencies and organizations, according to AMTI, a local technology and systems integration company providing security solutions.
“What happened to the Comelec is still unclear to all of us. What we do know is that security was breached and important data was compromised,” Allyxon Cua, AMTI president, said.
“No one can afford to be complacent. The fact of the matter is that if we were to do a security audit of most organizations, both private and governmental, and both here and abroad, we would likely find potential sources of security leaks,” Cua observed, noting that even the most secure organization can fall prey to cyber attacks.
He advised registered voters to change the passwords for all their accounts.
‘We should all change our security questions for all our social media networks and online accounts, while ensuring that the answers are not obvious and are not reflected in any other document we have. We should also download or access information only from trusted sources. These may be little things, but they help greatly in neutralizing the possible consequences of the data breach,” Cua said.
“Why? It’s because security is all about layers. There is in fact an eco-system of solutions that can be put in place in order to mitigate security risks. The more layers are built, the higher the probability of risk mitigation,” he added.
“Think about it like if you were accessing your money in the bank. There is a signature requirement. There is the need for you to claim the card at the bank in person. There are PINs associated with your account, one for the ATM and one for the telephone. Your ATM card also has a magnetic strip, a chip, and an encrypting technology, among other things,” he added.