MALACAÑANG said Saturday that IT experts are now looking into the possibility of “malicious forgery” on the hacking of Commission on Elections (Comelec) website, following the reported breach in the Palace’s security protocols.
The Comelec voters’ database was hacked and made accessible online last week – and one of the “seeders” or distributors of the file was allegedly “mail.malacanang.gov.ph,” which is Malacañang (Presidential Palace)’s mail server address.
In a radio interview, Presidential Communications Undersecretary Manuel Quezon III said Executive Secretary Paquito Ochoa, Jr. was informed at 9:55 p.m. of April 21 about social-media screenshots purportedly showing the Office of the President’s mail server being used to torrent and seed the Comelec data.
As of Friday morning, Quezon said there was continuing screenshots that the torrent was still being downloaded or seeded using the address.
He said the OP–Management Information System (OP-MIS) Department is now conducting an investigation on Malacañang’s sub-domain “mail.malacañang.gov.ph,” which has been delegated to a specific mail server under the OP-MIS Department since May 2011.
He added that the OP-MIS is trying to find out if the server was used to download and seed the torrent, if the server was compromised or if a remote client was using the mail server to access the internet or whether hackers intentionally forged this host name to appear as “mail.malacañang.gov.ph” with malicious intention.
“So, so far, according to the MIS Department, no unusual activity has been detected – which only suggests at this point the possibility of a malicious forgery,” Quezon said. “But this is not yet their final report, so antayin na lang ‘yung final report [But this is not yet the final report, so we will wait for the final report].”
He also said the Office of the Executive Secretary will determine the accountability if proven that someone indeed used the Palace’s mail server to download the Comelec data.
“And as far as prevention is concerned, this matter is being looked into as part of continuing efforts to improve IT security protocols,” he stressed.
The National Bureau of Investigation arrested the hacker on Wednesday night, and criminal charges were filed against him the following day at the Manila City prosecutor’s office. The hacker remains detained at the NBI Cybercrime Division pending the resolution of the case.
The Comelec, meanwhile, said the website with the leaked voters’ data had been taken down.
The Philippines is holding its synchronized local and national elections on May 9. CATHERINE S. VALENTE