Philippine lawmakers demand briefing following China-linked cyberattack

Government agencies in the Philippines announced this weekend they had repelled a cyberattack from hackers suspected to be based in China, prompting lawmakers to demand an urgent briefing on the national security issue.

Jeffry Ian Dy, the undersecretary for the Department of Information and Communications Technology (DICT), said on Saturday that multiple government departments had been targeted in the attack.

Various email addresses and government domains were targeted, said Dy, including those of the Philippine Coast Guard, the Cabinet Secretary, the Department of Justice, the National Coast Watch System, DICT itself, and the “private” website of President Ferdinand Marcos Jr.

DICT spokesperson Renato Paraiso told local media that the internet protocol addresses the attackers used located them in China, using the services of the state-owned telecommunications operator Unicom.

Paraiso stressed that identifying the service and the territory the attacks originated from was not an attempt to formally blame Beijing: “We are not attributing this to any state… We are appealing to the Chinese government to help us prevent further attacks.”

In a statement on Monday, the speaker of the country’s House of Representatives, Martin Romualdez, said: “The revelation that hackers, suspected to be operating from China, have infiltrated the email systems and internal websites of various government agencies, is a matter of national security and public interest.”

Describing the attacks as “breaches,” Romualdez said that as it targeted “critical domains” the incident “signifies a dire need for an immediate and comprehensive response.”

“I am calling on the DICT and other concerned agencies to conduct a thorough briefing for the House of Representatives. This briefing should focus on the nature and extent of these cyber-attacks, the current measures in place to prevent future incidents, and strategies for enhancing our cybersecurity infrastructure,” said Romualdez.

The Speaker proposed the briefing take place in an “open hearing,” and stressed “transparency in this matter is crucial as it affects not just the integrity of our government's digital infrastructure but also the safety and privacy of our citizens.”

The attacks come amid an ongoing fraught relationship between the Philippines and China, particularly over territories in the South China Sea, where Beijing contests the Spratly Islands despite a 2016 ruling from the Permanent Court of Arbitration in the Philippines’ favor.

Another China-linked campaign targeting the country was detected in 2022, when the cybersecurity firm Mandiant found USB devices being used to give hackers access to systems physically located in the Philippines.