1ICT Development and Cyber Security ReaderA special edition of the National Security ReviewICT Development& Cyber SecurityReaderPapers and Proceedings from the Fora onCyber Security Awareness and CollaborationNATIONAL DEFENSE COLLEGE OF THE PHILIPPINES
2 ICT Development and Cyber Security ReaderEditorial BoardDr. Fermin R. De Leon Jr, MNSAPresident, NDCPDir. Ernesto R. Aradanas, MNSAExecutive Vice President, NDCPAnanda Devi Domingo-Almase, DPAProfessorDr. Antonio G. Matias, MNSAProfessorProf Charithie B. JoaquinProfessorProf. Christine June P Cariño, MNSAChief, Academic Affairs DivisionCdr Rostum J Bautista, MNSA PN (Res)Chief, Research and Special Affairs Division________________________________________________________Secretariat/Publication CommitteeGrace Q. Banlaoi, Manmar C. Francisco, Segfrey D. Gonzales, Gee Lyn M. Magante, EugeneGalang, Jaime Saulo, Francis MangadlaoCopyright 2012 by NDCPThis volume is a special edition of the National Security Review and is publishedby the National Defense College of the Philippines. The papers compiled herein aresolely those of the authors and do not necessarily represent the views and policies oftheir affiliated governments and institutions. Comments and suggestions are welcomeand may be sent to NSR Publication Office, NDCP Camp Aguinaldo, Quezon City,with telephone number +63-2-912-9125.Cover photo credits: web.securityinnovation.com, topsecretwriters.com, topsecretwriters.com, craxel.com,choosemontgomerymd.com
3ICT Development and Cyber Security ReaderForewordThe Philippines, although considered an emerging country in computer and cybertechnology, is not isolated or shielded from acts of cyberterrorism and cyberwar.The more advanced a country is in terms of technology, the greater the impact of acyber attack or network denial of service. There is a need for an increased awareness inthe national and global environment on what cyber crimes are and how to deal with theireffects. Undoubtedly, the internet is very much a part of our lives now and we cannotsimply disconnect from it.Cyberspace is the interdependent network of information infrastructure thatincludes the internet, computer networks, systems and the embedded processors andcontrollers in critical industries such as telecommunications, banking, transportation,business. It is virtual and has become the “fifth domain” after land, sea, air and space. Sincecyber crimes are virtually committed and transnational in nature, it is imperative to buildtrust among nations in sharing information on how to combat cyber threats. Perhaps the most prevalent crime of the 21st century in an age of informationand communication technology (ICT) is cybercrime, also known as computer crime.Cybercrime has grown and worsened in alarming proportions as it affects informationand data management systems important to government, business, education, and evenentertainment. Worse, this crime, especially those that can be done at home, has invadedthe privacy of personal life. These modern crimes, which employ computers or mobilephones as tools for illegal activities, include but are not limited to the following: identitytheft and invasion of privacy; internet fraud; ATM fraud; wire fraud; file sharing andstealing intellectual property through piracy; counterfeiting and forgery; child pornography;hacking and espionage; programming of computer viruses; denial of service attacks; spam;and sabotage.Due to the widespread adoption and use of computers and the internet in almostall aspects of our daily living, and exacerbated by the vulnerability to aforementionedcybercrimes using the ICT and the cyberspace, the NDCP, in collaboration with the Officeof the Vice President and the NDCP Alumni Association Inc. has embarked on a seriesof public fora and seminar-workshops to increase public awareness on the protection ofinformation, communication technology and cyberspace to improve the security, efficiency,cost effectiveness, and transparency of all government and private online and electronicservices through policy formulation and conduct of education, training and research oncybersecurity.The College also hopes and aspires to be the center for policy formulation on securityand resiliency in cyberspace, as well as the venue where education, training and research onthe protection of information, communication technology and computer network operations,including cybercrimes, defensive activities, and security of the cyberspace infrastructurewill be conducted.
4 ICT Development and Cyber Security ReaderWe hope that this present volume, ICT Development & Cyber Security Reader— acollection of papers, thesis, speeches, laws as well as highlights of the proceedings from aseries of fora and workshops on cybersecurity awareness and collaboration, will somehowquench the thirst for more ICT literacy and cybersecurity understanding among our policy-makers and the general public. We also hope that this reader will contribute to better preparepublic and private cyber infrastructure for any eventuality involving the misuse of cybertechnology and for our cyber community to become more proactive in mitigating the risksof such cyber threats to the peaceful conduct of local and international affairs.Fermin R de Leon, PhD, MNSAPresident, NDCP
5ICT Development and Cyber Security ReaderForeword1. Welcome Remarks Fermin R De Leon Jr, PhD.......................................................................................2. Keynote Address during the Securing a Whole Wired World: A Forum on Cyber Security Awareness and Collaboration Honorable Jejomar C. Binay.....................................................................................3. Highlights of the First Forum on Cybersecurity Awareness andCollaboration: Securing A Whole Wired World.............................................4. Keynote Address during the Forum on How Safe Is Your Money?: Rethinking Cybersecurity Honorable Jejomar C Binay......................................5. Highlights of the Second Forum on Cybersecurity Awareness andCollaboration: How Safe Is Your Money?: Rethinking Cybersecurity..................................................................................6. Opening Remarks: ICT Development and Cybersecurity EnhancementUSec Benjamin E Martinez Jr.................................................................................7. Highlights of the Seminar-Workshop on Cybersecurity: TowardsInformation, Communication and Technology Development (ICTD)and Cybersecurity Enhancement......................................................................8. Highlights of the Third Forum on Cybersecurity Awareness and Collaboration: Cybercrime Law and Its Implications to National Security..................................................................................................Papers on ICT Development and Cybersecurity9. Paper Output during the Seminar-Workshop Prioritizing ICTDevelopment and Cybersecurity Seminar ......................................................10. Understanding Cyber Security from Global and Regional Perspective Stephen P. Cutler...............................................................11. Cyber War and Cyber Terrorism Stephen P. Cutler.........................................12. Philippine Cyber Security: General Situation Angel S. Averia, Jr................13. Historical Notes on Technology and Cyber Security Initiatives Lorenzo A. Clavejo.....................................................................................................14. Cyber-security: Perspectives on Attacks John Peter Abraham Q. Ruero..................................................................................C O N T E N T S389132427363848616775778690
6 ICT Development and Cyber Security Reader9410311912212413213514716116316617818920815 Cyberwar and Rules of Engagement Drexx D. Laggui...............................16. The Evolving Landscape on Information Security Wilfred G. Tan, Carlos T. Tengkiat & Simoun S. Ung.......................................17. The Need to Secure Our Cyber Space Angel T. Redoble.............................18. National Security Implications of R.A. 10175: Defense PerspectiveNebuchadnezzar S. Alejandrino I.........................................................................19. Fighting the Crime of the Future: Responding to the Challenges ofCybercrimes Geronimo L. Sy............................................................................20. Key Structuring Principles in the Cybercrime Law Discourse Shirley Pelaez-Plaza..............................................................................................21. New Frontiers in Cybersecurity: Its Adverse Impacts in the Philippines and ASEAN Region Chester Cabalza........................................References22. Republic Act No. 10175 An Act Defining Cybercrime,Providing For The Prevention, Investigation, Suppressionand the Imposition of Penalties Therefor And For OtherPurposes..............................................................................................................24. Types of Cybercrime cybercrimes09.blogspot.com.........................................23. Cybercrime Interpol...........................................................................................Thesis Abstracts25. Cybersecurity Capability of the Armed Forces ofthe Philippines in the Midst of Computer ThreatsArturo A Larin......................................................................................................26. The Effects of the Internet Age on National Identity andNational Security Nathaniel Ordasa Marquez..................................................27. Electronics Security System of Universal Banks in the Philippines:An Assessment Rodrigo I. Espina, Jr., ............................................................Directory of Participants..............................................................................................
7ICT Development and Cyber Security ReaderFirst Forum on Cybersecurity Awareness and Collaboration26 October 2011NDCP Honor Hall, Camp Emilio Aguinaldo, Quezon City“Securing A Whole Wired World”
8 ICT Development and Cyber Security ReaderWelcome RemarksFermin R De Leon Jr PhD, MNSAPresident, NDCPSpeech delivered during the Securing a Whole Wired World: A Forum on Cyber Security Awarenessand Collaboration, on 26 October 2011, NDCP Honor Hall, Camp Emilio Aguinaldo, QC_______________________________________________________________________________TheHonorableJejomarCBinay,MNSA,VicePresidentoftheRepublicofthePhilippines;Honorable Voltaire T Gazmin, Secretary of National Defense; distinguished membersof the diplomatic corps; sons and daughters of the NDCP; my fellow civil servants;ladies and gentlemen, a very pleasant morning.The College has always been at the forefront of discourses of present issues andconcerns that matters to you, to me, and the rest of society. It has always been providing avenue for enlightenment and understanding as it welcomes to its confines, with very mucheagerness enthusiasm, open and truthful discussion all in the name of academic freedom.Today, the College, once again, proudly finds itself as the point of convergence of a widespectrum of stakeholders to tackle perhaps the most crucial issue of this age.For this, I wish to personally extend my gratitude to the Honorable Vice Presidentand the NDCP Alumni for once again, partnering with the College in such a worthy endeavor.As its theme conveys, the event elevates cyber security awareness among its audience, adiverse mixture of cyber security key players coming from the government, private sector,the civil society and the academe. It also highlights the importance of partnership in buildingthe nation’s cyber resiliency.Indeed,oureventisasterlingcontributionoftheacademeinseizingtheopportunitiesand facing the challenges the Information Age presents. Despite an emerging nation in cybertechnology, our country is never shielded from cybercrimes. There is a need to enhanceour cyber security if we want to take advantage of the opportunities of this heightenedinterconnectivity.Thus, I encourage everyone to actively participate in discussions as everyone’scontribution is important in addressing the evolving threats we face in the cyberspace. Cybersecurity is something that affects us all. As more and more daily functions rely on digitalsystems, we have more and more reasons to ensure the privacy, safety and security of ourcyber space. It’s an important task not exclusive to the government nor the private sector.Enhancing our cyber security is rather a shared responsibility because at the endof the day, cyber security is about security of the people. In the first place, technology isthere to make our lives better. However, if we fail to be conscientious and proactive users,any sophisticated technology will be rendered useless or, even worse, prove to be harmful.Ultimately, it is in our hands to secure a whole wired world.Magandang araw at mabuhay tayong lahat!# # #
9ICT Development and Cyber Security ReaderKeynote AddressHonorable Jejomar C. Binay, MNSAVice President, Republic of the PhilippinesSpeech delivered during the Securing a Whole Wired World: A Forum on Cyber Security Awarenessand Collaboration, on 26 October 2011, at NDCP Honor Hall, Camp Emilio Aguinaldo, QC_______________________________________________________________________________When we first discovered the Internet around two decades ago, we heard about itspower as a communications tool. As dial-up networking struggled to cope withour thirst for email, we were content to use the World Wide Web for keeping intouch with friends and family. Yet the birth of cyberspace did not fully reveal the impactit would have on the world.Not long after its propagation, the Web developed a maturity that dissolved borders.Not since the invention of the locomotive has a technological wonder spurred progress theway the Internet did. Education, business, finance and personal exchanges found a newhome on cyberspace. Entrepreneurs could do business nationwide without having branchesin every city, and almost anything can now be bought online. No longer was it necessaryto be in a classroom at a particular time to hear a lecture or complete a course. And in caseyou needed to access your money after business hours, online banking made it possible tomanage your accounts without the help of a teller or ATM.Further technological advances bolstered the World Wide Web, making it possibleto transmit data and voice at the speed of light. Geographical barriers to outsourced andoffshore services came down and within the past ten years, the Philippines, and severalother countries have reaped the benefits of this wave. Governments and firms quickly sawthe power and benefit behind storing information in electronic formats. Apart from thepositive impact on the environment, this permitted a central and consistent base of recordsto be maintained and made accessible to the agencies and offices that citizens transact withto obtain basic services.However, where an abundance of opportunity and an openness of exchange exist,criminal genius cannot be far behind. The advancement of the Internet has prompted ill-doers to exploit the Web for their own nefarious purposes.Some months ago, I had a brief encounter with two IT managers. I forget their names,but they were young, very driven and visibly competent Filipinos. Being less fluent than Ishould be in the language of Information Technology, I picked their brains to learn more ofthe threats we face, and the weaknesses that they believe are present in our country.The first manager contributed his own notes to the conversation saying that fromthree years ago, attempted intrusions into his network (or attempted hacks) tripled. From400 attempts daily in 2008, he is now blocking over 1200 attempts per day. Based on hisreviews, only 3% of the attacks emanated from the Philippines. The vast majority camefrom China with the balance originating from the rest of the world. He lamented that these
10 ICT Development and Cyber Security Readerattacks will probably increase geometrically in the future and that he works feverishly tokeep up with the threats by upgrading access control procedures, security software andwhere budgets permit, his hardware as well.When I asked for examples of intrusions and their risks, the second narrated hispersonal experience from his own BPO center in Makati. He was monitoring his VOIP servers,when he saw unauthorized calls being directed to places like Brazil, Zimbabwe and Haiti.He immediately secured his line but the one hour’s worth of hijacked calls cost him over$2000 in charges. The attack originated not from within his workforce but from overseas,and it took months for him to resolve the billing with his service provider. Luckily, his losswas temporary but he added that he personally knew of a center in Ortigas that closed shopafter hijacked VOIP servers inflicted monthly losses in the millions of pesos.These trends, in the words of these professionals, represent but a fraction of thethreats an IT-enabled business can face. At that point, it became painfully clear that cybersecurity threats were not just epic events that affected foreign nations or large conglomeratesalone. Like other citizens of cyberspace, we too are at risk, and those risks escalate as quicklyas fiber optics transmits signals.The breadth and depth of valuable information on the Web has reached critical massand sends new breeds of criminals into a feeding frenzy. What is valuable to us can nowbe stolen online, just as easily as a pickpocket can make off with our cell phones. What iscritical to us can be shut down or made unusable and no longer are these cases taken froma plot crafted by fiction and cinema.In 2008, a band of three hackers stole more than 170 million credit card numbersbefore they were arrested. In 2010, South Korea sustained a cyber attack where 166,000computers from 74 countries jammed the web sites of banks and government offices.Also in that year, IT security experts unearthed a worm named Stuxnet. Unlikeprevious worms, Stuxnet did not prey on computers and networks. Instead, it compromisedsoftware that controls industrial machines and could wreak havoc on facilities like powerand water plants. The damaging potential of Stuxnet was exceeded only by the effort thathad gone into its creation. The experts who dissected the worm concluded that around 10,000man hours had gone into its creation. This was aside from the sheer sophistication of themalware’s design. There was little doubt that cybercriminals had a resolve that matched ifnot surpassed that of suicide bombers in Iraq or Afghanistan. Their weapon of choice mayfar exceed the damage that any WMD can inflict.In 2010, the cost of electronic theft exceeded that of physical theft according tothe 2011 Global Fraud Report of Kroll Associates, a leading American security and riskmanagement firm. Perhaps the starkest example was the Wikileaks incident, where classifiedcables from the US State Department suddenly emerged in the open domain. Not even theUS government was immune to the threat, despite the wealth of resources at their disposal.Clearly then, cyber security is a national security issue.The practically borderless nature of the cyber world presents a daunting challenge tous as we work to exist safely in that realm. One of our blind sides is the lack of informationexchange between all stakeholders. The IT community is most aware of these evolving
11ICT Development and Cyber Security Readerthreats but the public sector may be less so. Currently, no single agency has the capabilityor mandate to match the scope of this threat and collaboration between public and privateparties should remain one of our strongest mooring points.The private sector should be a firm partner in this effort. IT is the focus of theirbusiness and apart from employing the best people that they can, it is they who haveencountered these threats first-hand. Their defenses and solutions are forged in reality andtheir findings are invaluable as we map out a strategy to secure the new national assets thatthe Web has created. Let us see how the skills gained by the private sector can be cascadedto their counterparts in government.Apart from holding hands to gain familiarity with the terrain of the Internet, letus revisit our laws. Many potential foreign investors in the IT field still have the genuinefear of suffering electronic threat offshore, without having legal recourse. Our country’se-Commerce law is now over a decade old. Perhaps it is time to lend your talents towardsenhancing our laws to insure that they remain capable of addressing the challenges wecurrently face and those that we shall meet in the future.Other nations have made this a top priority. The UK and the United States havetheir data privacy laws which are strictly interpreted and enforced. Nonetheless, in the pastyear alone, 18 bills have been filed in the US Congress to further enhance their laws againstcybercrime and similar activities.Let us work with our legislators. I have no doubt that they are all eager to help usclose this gap in our virtual borders, but they need to understand not just the jargon, butthe threats we face and the consequences we can suffer. Guide them through the languageand landmarks of cyberspace and I am confident that relevant and lasting legislation shallresult.Operationally, it is my hope that this forum shall give birth to both a cyber securityroadmap, as well as a defined framework of collaboration between government agenciesand the private sector so that a cyberspace coast watcher system can be established andimplemented.In countries like Japan, inbound viruses and malware are treated like outbreaks. Thepath is monitored in real time, and through pre-established communications procedures,the propagation of the virus is arrested. Alerts are sent out not just to networks nationwide,but to competent government authorities from the source country and other nations in theregion. Specialists are tasked to dissect the virus and formulate defenses which are rolledout to all networks in the country. We should be able to achieve such a system if we workhard enough.This may sound like a tall order, for we have yet to acquire the infrastructuresophistication of some of our neighbors. However, within this forum, provide clarity tothe question of technical skills that we need to develop and foster in the long term, andhow to best organize these skills. Let us explore avenues for government-to-governmentcooperation in terms of technology transfer with our friends in North America, Europe andAsia. While technologies change, the collaborative approach shall remain the cornerstoneof a sound national security response.
12 ICT Development and Cyber Security ReaderThis battle in cyberspace comes to us swiftly and unceasingly. This forum is apositive step towards rallying our forces but it will take several steps for us to complete ourtask. Together, let us raise our virtual army and come to our nation’s defense.Thank you and good morning.# # #
13ICT Development and Cyber Security ReaderHighlights of the 1st Forum onCyber SecurityAwareness and CollaborationSecuring a Whole Wired World_______________________________________________________________________________I. Executive SummaryIn celebration of the Cyber Security Month, the National Defense College of thePhilippines (NDCP), in collaboration with the Office of the Vice President (OVP) andthe NDCP Alumni Association, Inc (NDCPAAI) launched a series of fora on CyberSecurity Awareness and Collaboration with the theme “Securing a Whole Wired World.”The event was held on 26 October 2011 at the NDCP Auditorium.The Philippines is never shielded from acts of cyber terrorism and cyber crimes. Thus,the objectives of the forum were: 1) to gather cyber security key players and stakeholdersin the country; 2) elevate awareness on what cyber crimes are to eventually control andconquer them; and 3) explore prospects for cooperation among the government, privatesector, academe, and the civil society. The forum was intended to provide a platform fordiscourse and collaboration among government agencies, private sector, academe, and thecivil society.The activity commenced with the keynote address from Vice President Jejomar CBinay followed by the three lecture sessions comprised of six experts who were tasked totackle cyber security from theory to practice; and a summary from Mr Abraham Purugganan,MNSA. The Vice President’s keynote address read by the DND Secretary Voltaire T. Gazmin,elaborated on the seeming paradox of cyber technology. It has made lives easier and, at thesame time, harder. Cyber security was deemed as an opportunity for interagency, inter-sectoral, and intergovernmental collaborations.Session One provided the current situation, challenges, and opportunities in thecyber space. It revealed the urgent need to boost cyber security awareness and capability inthe Philippines. Session Two emphasized the importance of public-private partnership inenhancing the cyber resiliency of the Philippines. It also explored the nature of cyber war andprovided foundations in crafting the rules of engagement in cyber warfare. Session Threegave a practical demonstration of how a computer virus can infiltrate industrial controlsystems and eventually impact the critical infrastructures of a country. The audience wasalso provided with practical tips in dealing with cyber attack.Overall, the discussions centered on the ever-changing nature of national securityas demonstrated by the dynamics in the cyber space. Through cyber technology, we sawhow countries flourished to become powerful nations, but we also witnessed how theybecome victims of cyber crimes, cyber terrorism and cyber warfare. In the end, collaborativeapproach remains to be one of the most effective ways of dealing with the evolving threatsin the cyber world.
14 ICT Development and Cyber Security ReaderII. Opening CeremonyWelcome Remarks by Fermin R de Leon Jr PhD, MNSA, President, NDCPDr. de Leon declared that discourses on significant issues to the society, such as cybersecurity, are always welcome in the NDCP. The College has always been providing venuefor enlightenment and understanding in the furtherance of academic freedom. Cognizantof the importance of cyber security awareness in national security, he thanked the OVPand NDCPAAI for partnering with the NDCP in organizing the forum. He considered theforum as a sterling contribution of the academe in seizing the opportunities and facing thechallenges the Information Age presents. He reiterated that developing cyber resiliency isnot a responsibility exclusive to the government nor the private sector. Rather it is a sharedresponsibility; everyone’s contribution matters.Keynote Address by Honorable Jejomar C Binay, MNSAVice President of the Republic of the Philippines and President & Chairman, NDCPAAI(Speech delivered by the DND Sec Voltaire T. Gazmin)Vice President Binay noted how the web has become an integral part of humanlife and an indispensible tool of governments, industries, and various sectors around theworld. However, he also emphasized how the internet dissolved boarders and how thebreadth and depth of valuable information on the Web has reached critical mass sendingnew breeds of criminals into a feeding frenzy.In 2010, South Korea sustained a cyber attack where 166,000 computers from 74countries jammed the web sites of banks and government offices. In the same year, ITsecurity experts unearthed a worm named Stuxnet. Unlike previous worms, Stuxnet did notprey on computers and networks. Instead, it compromised software that controls industrialmachines and could wreak havoc on facilities like power and water plants. He also citedthe 2011 Global Fraud Report of Kroll Associates, wherein, in 2010, electronic theft exceededthat of physical theft.Vice President affirmed that while the world reaped unfathomed benefits from theheightened interconnectivity among nations and industries, the borderless nature of thecyber world also presents a daunting challenge to everybody as all work to exist safely inthat realm. Currently, no single agency has the capability or mandate to match the scope ofthis threat and collaboration between public and private parties should remain one of thestrongest mooring points. He highlighted the importance of the private sector as a partnerin ensuring the cyber resiliency of the country. Many potential foreign investors in theIT field still have the genuine fear of suffering electronic threat offshore, without havinglegal recourse; the country’s e-Commerce law, being more than a decade old, is alreadyoutdated.Heencouragedpertinentagenciestoexploreavenuesforgovernment-to-governmentcooperation in terms of technology transfer with friends from North America, Europe andAsia. While technologies change, the Vice President is positive that collaboration shallremain the cornerstone of a sound national security response.
15ICT Development and Cyber Security ReaderIII. Plenary SessionsSession One: The Regional Cyber Security Landscape, Challenges, and StrategiesCyber Security and Governance by Atty Ivan John Enrile Uy, Former Chairman, Commissionon Information and Communications Technology (CICT)Atty Uy offered the latest cyber security landscape. He shared that presently, thereare 5 billion mobile phone users around the world; two billion of which are internet users.Out of the 2 billion, approximately 1.2 billion come from developing countries around theworld.He reported that online transactions have reached 10 trillion dollars worldwide.The amount of data processed or handled in the virtual realm reached 5 hexabytes in 2001-2003. Today, the cyber world produces the same amount of data in a matter of days. Radioreached 50 million in 38 years; television took it 13 years. Meanwhile, the internet reachedthe same number of people in 4 years time; Facebook did it in 3 months. This is how rapidthe internet covers and places its footprints across the world.Aspeopleincreasinglybecomeawareofwhattechnologycando,technologybecomesa source of challenge and a matter of security concern for governments. Governments are nowbeing obliged to match how the private sector, through information technology, efficientlydelivers services to the people. It is very apparent as many governments worldwide havebegun to deliver e-governance and e-services to their citizens. However, as informationtechnology becomes handier and more ubiquitous, more and more criminal minds wouldwant to exploit it.Cyber security concerns have significantly increased over the past years. Recently,Sony’s playstation network was hacked; 70 million accounts were put at risk. The very firstcyber warfare may have happened in 2007 when Estonia’s information infrastructure wasallegedly attacked by the Russian Government after Estonia decided to move the gravemarker of a Soviet-Russian hero. These recent events have moved the United States toestablish a cyber security command headed by a 4-star general in 2009; South Korea, GreatBritain and China followed a year later.When one speak of cyber security one usually refers to common cyber crimes (e.g.fraud, gambling, child pornography). However, there are another arenas that requiresadequate attention e.g., cyber terrorism, denial-of-service attacks, online espionage, andonline warfare. Such attacks may come externally or within.Information technology has change how the people live and how they act. It hasousted governments who have underestimated its ability to influence the mindset of thepeople (e.g. EDSA II and Arab Springs).Cybercrimes, Cyberterrorism, and Cyber Security Landscape byAtty Magtanggol B Gatdula, PhD, Director, National Bureau of Investigation (NBI) Atty Gatdula reported that the Philippines is now a haven of transnational organizedcrime syndicates due to the lack of capabilities and technical-know-how of law enforcersin the country. Quoting Director Sammy Pagdilao of the Philippine National Police–Crime
16 ICT Development and Cyber Security ReaderInvestigation and Detection Group (PNP-CIDG) he shared that cyber crime mafias, mostlyforeigners, have established bases of operations in the country. Cyber crime syndicateshave taken advantage of the organizational and technical incapability of law enforcers tofight cyber crimes. Because of great feats in information and telecommunications technology, thepublic is lured to exchange security over the convenience these tools offer. Being usefuland user-friendly, smartphones have become a typical person’s confidante in his dailyliving. However, due to the mass of personal data stored on these gadgets, most of whichare sensitive, these seemingly useful tools may become a source of vulnerability to theirusers. Today, the world experiences a dramatic increase of malicious software. Smartphonesserve as a window of opportunity to cyber criminals to access potential victims personaland bank details. With regard to cyber terrorism, Atty Gatdula believes that terrorism continues tosurvive because it takes different forms to match the changing times; this includes cyberterrorism. The information age has built a battle zone not only for good intentions but alsofor evil schemes. In the absence of clear national policy for information security and internetstructure stability, the Philippines is vulnerable to cyber attacks. The country currently lacksa well-defined strategy and clear national security policy to combat cyber terrorism. TheHuman Security Act of 2007 and the E-commerce Act of 2001 could no longer address theemerging and evolving challenges in information security.The vulnerabilities of developing countries continue to encourage terrorists toenhance their hacking skills. No matter how sophisticated the reporting systems of industriesare, they would all be rendered useless if the country does not have the technical capabilityto promptly and effectively respond. Nevertheless, vulnerabilities come with counteractionse.g., prevention, detection, and reaction. The task is mainly reaction; one can never alwaysbe proactive when it comes to cyber terrorism. One is blind of the next mode of attack.Amidst different modes of cyber attacks such as Stuxnet1, there is need to assessand address the vulnerabilities of the countries exiting infrastructure control systems (e.g.,MRT, LRT, traffic systems, dams, and wind mills) not only by the Philippine Governmentbut also businesses operating these industry control systems.Session One Open ForumA participant asked the speakers to personally identify the most probable andplausible cyber terrorism attack to the Philippines. Atty Uy opined that the countrycurrently has a lot of vulnerabilities in many areas which may all be potential targets ofattack. He particularly identified government websites which have recently become targetsof hacking and defacement. He agreed with Atty. Gatdula on the possibility of local criticalinfrastructures being points of attack.Another participant shared his experiences on receiving e-mails from unidentifiedpersons offering to launder money to the Philippines. He asked if the NBI has ever pursued_____________________1Stuxnet is a computer worm widely suspected to have been designed to target uranium enrichmentinfrastructure in Iran. IT experts concluded that the sophisticated attack could only have been launchedwith nation-state support.
17ICT Development and Cyber Security Readerthese scam authors. A former Chief of the NBI’s Computer Crimes Division said that agencylaunched several information drives against such scams. He also shared that the origin ofthese emails can be mostly traced in Africa. Because of jurisdictional considerations, theNBI cannot launch full pursuit operations against these scammers. Atty Uy shared that thePhilippines already have local versions of such scams.Session Two: Government and Private Sector SolutionsCyber War and Rules of EngagementDrexx Laggui, Principal Consultant, Laggui and Associates, Inc.The recent penetration tests initiated by the Land Bank showed how vulnerablethe network systems of Megalink and BancNet members are. Hired computer expertswere able to fully infiltrate their systems, allowing them to do fund transfers and hijackremittances.Recently, the information system of the International Monetary Fund waspenetrated compromising very sensitive data that could endanger the financial market.The hackers allegedly accessed the network system by targeting the Facebook account of anIMF employee. It is widely suspected that it was a government-sponsored assault. Cyberterrorists would break into online banking systems, still credit card information in orderto buy equipment that would carry out their terrorism plans. Through BSP Circular 542which requires banks to undergo penetration testing yearly, the public is ensured that localonline banking systems will survive in the event of cyber war. However, other industriesare still vulnerable. The energy, utilities, and the transport industries all use SCADA2intheir infrastructure control system. SCADA is the same system used by the Iran nuclearenrichment plants allegedly targeted by Stuxnet.Cyber war is a state-sponsored sabotage or espionage done before soldiers set footon the battleground. It is the “use of force” in the cyberspace that has repercussions in thephysical world. It is not directed against the military but the national economy which mayalso have serious implications in national security. In cyber war the rules of engagement(ROE) must be carefully crafted to minimize ambiguities that would delay responses whenuse of force is already required. When a country is engaged in cyber war the criteria forsuccess (or failure) must be defined. The scope and timeframe of the attack must be set.Targets that are far removed from military objectives (e.g. hospitals) must never be engaged.The impact of cyber weapons is unproven and unknown which makes their employment, inthe event of cyber war, a critical decision given to the Head of State. The health, welfare, andprivacy of the public must not be compromised. The reports, records, and data generatedfrom cyber operations must never be used for commercial gains.In crafting the ROE for cyber war, three challenges must be addressed–credibility,invocation scenarios, and attributions. The key to deterrence is to show that the nation hasthe capability to defend itself against attacks and, if necessary, to fight back (i.e., credibility).The Philippines should have potential escalation framework, where some instances couldinvoke cyber war, as part of a planning activity (i.e., invocation scenarios). There is alsoa need to beef up capabilities that would aid law enforcers to identify the face (or nation)behind the keyboard (i.e., attribution).__________2SCADA (supervisory control and data acquisition) refers to industrial control systems (ICS)-computersystems that monitor and control industrial, infrastructure, or facility-based processes
18 ICT Development and Cyber Security ReaderThe Philippines has a maturity level of 13when it comes to cyber war capabilities.The country has arcane laws, regulations, and ROE that hobble its capability to ensure itsnational security. Nevertheless, it has the potential capability to engage, sustain, and achieveobjectives in cyberspace.Public-Private Partnership in Cyber SecurityStephen Cutler, President and CEO, Official Global Control Corporation The world is facing the same transgressions as it did hundreds of years ago (e.g.,fraud and theft); the only difference is the speed of which they are committed. The stateand military security structures do not move quickly as policies change. Like any crimes committed in the real world, there is a need to differentiate the actsof crimes committed by a pathological criminal (which are felonious) and those committedby a pathological criminal but in charge of the state (e.g., Hitler and Stalin). It is critical todifferentiate acts of war and crimes. Educational institutions such as the NDCP may providelight in this important issue. Some people in the military believe that the private sector should protect themselves;the armed forces should protect the shores of the nation. However, in the advent of theinformation age, one may rarely see physical assaults as extensive as it was during theSpanish colonial era. However, at present, the private sector holds most of a country’snational assets. It is therefore, a responsibility of the military to protect them. One shouldtake a holistic view of national security. There is a need for public-private partnership and dialogue. There is a need to gatherstakeholders from the country and representatives from the international community as well.National assets (both public and private) must always be protected. Whether the country isfaced with invasion in the physical or the cyber world it does not matter; national assets willbe lost. Both the private and the public sector must contribute their utmost responsibilityand utmost capability in protecting their nation.Major General Jonathan Shaw of the British Cyber Command said that cyber attacksrepresent the greatest threat to national security. Cyber attacks affect everyone. Everyonetherefore must contribute in the protection against the danger cyber attacks impose. 80% ofthe threats are the result of poor cyber hygiene (e.g., the lack or relevant laws). Every nationmust utilize all multilateral and bilateral relations to ensure its cyber resiliency.Session Two Open ForumOne of the participants asked Mr Laggui if the Monroe Doctrine4is a sufficientframework to defend a nation’s security especially in the cyberspace. He also asked if thereis a need for further definition of cyber war to set it apart from cyber attacks. He wanted toknow from Mr Cutler how much should cyber security policies be flexible considering that_________3According to Mr Laggui, countries with Level 1 Maturity (i.e., Ad Hoc Level) have key stakeholdersas leaders championing management system of IT security.4The Monroe Doctrine is a policy of the United States introduced on December 2, 1823. It stated thatfurther efforts by European nations to colonize land or interfere with states in North or South Americawould be viewed as acts of aggression requiring U.S. intervention.
19ICT Development and Cyber Security Readerthe Treaty of Westphalia5no longer holds and the dynamics in the cyber world are ever-changing. In response, Mr Laggui shared that the cyber version of the Monroe Doctrine4allowed the US to identify its critical infrastructures and build up cyber resources to defendthese assets. Meanwhile, Mr Cutler said that the Treaty of Westphalia is one of the manyagreements that set up diplomatic relations among countries which lead to the nature ofinternational community the world has today. Another participant wanted to find out from Mr Cutler the level of internationalcooperation in cyber security the Philippines has today. Mr Cutler opined that thecountry’s progress is far from the state of cyber resiliency it needs to have. There is a lotof support from other countries (e.g., South Korea, Japan and the US). Other neighboringcountries (e.g. Thailand, Malaysia, and Indonesia) are doing well in enhancing their cybersecurity. Meanwhile, Mr Laggui shared that the local financial industry has very mature ITgovernance. Most of the banks in the Philippines have Level 3 Maturity6.Session Three: Cyber Security in PracticeThe Real Deal of Cyber Attack to National Critical InfrastructureChaiyakorn Apiwathanokul, CEO, S-Generation, LTD, Thailand It is a general belief that linking the industrial control systems to networks andinternet makes them more secure as it allows authorities to manage and control themanytime and anywhere from the planet. On the contrary, doing so only makes them harderto protect as anyone may access them using the right tools. In 2002, a nuclear power plantwas forced to temporarily shut down due to a computer virus. When an operator’s infectedlaptop was connected to the plant’s control system, the virus spread throughout the networkincapacitating the safety monitoring system of the plant. Operations had to be temporarilyterminated; there were massive blackouts for days. Industrial control systems are one of the most common targets of cyber attacks asthey manage and control critical infrastructures in a country (e.g., plants, transport system,traffic system, and dams). Control systems will always have weak points that hackers canexploit. They develop computer viruses to exploit such vulnerabilities, one of the mostrecent and ill-famed of which is the Stuxnet. The government tries to protect these criticalinfrastructures through rules, guidelines and regulations. Operators must comply withthese laws.Cyber Security: What to do in the event of Cyber Attack?Nebuchadnezzar S Alejandrino, Chief, DND Information Management Office There are three types of network system: 1) those that have already been attacked(e.g. the Vice President’s website); 2) those that are to be attacked (e.g. DND website); and_________5The Peace of Westphalia was a series of peace treaties signed between May and October of 1648 inOsnabrück and Münster. These treaties ended the Thirty Years’ War (1618–1648) in the Holy RomanEmpire, and the Eighty Years’ War (1568–1648) between Spain and the Dutch Republic, with Spainformally recognizing the independence of the Dutch Republic.6According to Mr Laggui, Level 3 Maturity (i.e., Managed Level) implies a systematic process ofhandling IT security and governance.
20 ICT Development and Cyber Security Reader3) those that are currently under attack. The manifestations of cyber attack are very difficultto discern. Hacking a network is very easy given the right kind of tools. Some resources areavailable online; anyone can be a suspect. There are even alleged state-sponsored cybercrimes. Dir Alejandrino divided cyber attackers into two–non-state attackers and stateactors. The former are individuals or organizations to include the Anonymous7. When an information system is under cyber attack, it typically hangs, unfamiliarimages appear on the computer screens and the system slows down. A network can bepenetrated whether it is online or offline. When connected to the internet, a system may getcompromised from media or documents downloaded from the web. When offline, a systemcan still be infected through manual transfers e.g., using thumb drives. In the Department,classified documents are kept isolated and offline to ensure their safety. In case of cyber attack, the most important thing to remember is to not panic. Gooffline immediately and report the incident to the local IT office and to the top management.Fortifying your defenses by establishing cyber security team proves to be useful. It isimperative to create a backup system for your network to ensure that operations will notbe seriously disrupted.Session Three Open Forum A participant asked Dir Alejandrino’s opinion on the security of cloud computing.Dir Alejandrino opined that cloud computing is not absolutely secure since one does notknow to where the data is stored or who may have access to it. Meanwhile, Mr Lagguiclarified on use of the term “security.” He said that in the business industry, being securemeans that the level of risks is acceptable vis-à-vis the operational requirements. A lot ofmilitary officials in the armed forces are exchanging data online via yahoo mail or g-mail.Mr Laggui does not recommend this as these data go to foreign computers. Security meanstrustworthiness. Trustworthiness means that one have the power to audit the system, verifythe controls, and see demonstration of its safety and capability. Another participant emphasized the incidences reported in the presentationswherein states allegedly sponsored conducts of certain cyber crimes. He then asked MrApiwathanokul and Dir Alejandrino’s view on whether these states can be considered asterrorist and if so, what crimes can be charged against them. Dir Alejandrino said that itis very difficult to associate acts of cyber crime sponsored by the state to acts of terrorismespecially if a state had done it so in the name of national security. Meanwhile, Mr Lagguiclarified that alleged state-sponsored cyber crimes are not typically called state-sponsoredterrorism but exercise of political will with cooperation from other countries. One of the participants asked the speakers’ opinion on the government usingopen source8 software in their systems. Open source software can be audited to ensurethat the software is free from tampering. With regard software auditing which allows usersto examine the source code of software to ensure that it is not tampered, Mr Alejandrinoinformed the audience that the Philippines does not have an existing relevant law. Mr Laggui_______________________1Anonymous (used as a mass noun) is a group, spread through the Internet, initiating activecivil disobedience, while attempting to maintain anonymity.
21ICT Development and Cyber Security Readeradded that software auditing is imperative as it ensures the safety and trustworthiness ofsoftware outsourced to handle the country’s critical infrastructure.Summary and Way Ahead Abraham A Purugganan, MNSAFormer Head, Task Force for the Security of Critical InfrastructuresMr Purugganan considers the cyberspace as the fifth battle space (in addition to land,air, sea, and space). It entails new rules, doctrines, and rules and regulations. We becomeincreasingly dependent on information systems. Since its beginning in the 1990’s, internetreaches 2 billion people worldwide.Online information and resources (both public and private) have become solucrative that they have become so inviting to criminal organizations as well as governmentand corporate organizations. The Information Age has empowered every citizen in theworld; however, it has also enabled criminal elements to do evil things to an individual,organization, even a nation. In response, countries are establishing both defensive andoffensive cyber capabilities.The Philippines has become a haven for cyber crime not only due to lack of technicalknow-how, and laws but also the lack of organized national effort. The country has existingcyber capabilities. The easiest way to wage a war is to launch a cyber war. Traditionalforms of war entail a lot of resources. Cyber war, on the other hand, only needs a computer,internet connection, and a little programming knowledge. The Philippines has one of thebrightest programmers but the country does not take advantage of this. The E-commercelaw cannot bring hackers to justice. Local advocates have been lobbying for a cyber crimelaw for nearly a decade.Critical infrastructure must always be protected. Once cyber terrorists got controlof them, government operations and national economy may get compromised. In cyberwarfare, it is very hard to identify the enemy. Consequently, it may take a long time tocraft an international Cyber ROE. Organized cyber crimes, both terrorist-lead and state-sponsored, are targeting defense industries because of useful information in weaponry andcrucial military secrets.Private-public partnership in the country has its challenges. For one, privateindustries are reluctant to report, to law enforcers, hacking incidences for the fear oflosing clients and investments. Nevertheless, the private sector holds most of the criticalinfrastructures in the country; partnership is imperative.It is also imperative for any information system to have standard countermeasures(e.g., procedures, protocols, and programs). In the National Cyber Security Plan, boththe private and public sectors are encouraged to build their protective systems robustly.Industries must invest in security and backup systems to minimize disruptions in operationin the event of cyber attack.In the coming years, all manual ways of doing things may get digitized. As the levelsinterconnectivity and interoperability increases, vulnerability also increases. In enhancingthe country’s cyber resiliency, there is no need to reinvent the wheel in cyber security. Thereare lot of existing models and programs; all that is needed is implementation.
22 ICT Development and Cyber Security ReaderIV. Closing CeremonyConcluding Remarks by Fermin R de Leon Jr PhD, MNSA, President, NDCPDr. de Leon expressed his gratitude to Vice President Jejomar C Binay and the DNDSecretary Voltaire T Gazmin for being ardent supporters of the Colleges endeavor to engagevarious stakeholders in academic discourses on many issues and concerns that matters tothe country to include cyber security. He also thanked the speakers for guiding the audiencein traversing cyber security from theory to practice. He shared that while listening to thepresentations, his belief about the contemporary way of living was reinforced. Indeed, asinformation technology moves forward peoples’ lives become easier but, at the same time,harder.Since access to cyber technology has become universal, it has empowered notonly the citizens of the world but criminal minds as well; evolution of technology broughtevolution of threats alongside it. He confirmed that cyber technology has its predicamentsbut he also affirmed that it presents opportunities to include inter-agency and inter-sectoral,and inter-state collaborations.He is optimistic that the activity was able to impart the knowledge, insights, andeven skills and values which will equip the participants in confronting the enormous andoverwhelming challenges of the 21st Century.# # #
23ICT Development and Cyber Security ReaderSecond Forum on Cybersecurity Awareness and Collaboration27 February 2012NDCP Honor Hall, Camp Emilio Aguinaldo, Quezon City“How Safe Is Your Money?:Rethinking Cybersecurity”
24 ICT Development and Cyber Security ReaderKeynote AddressRethinking CybersecurityHonorable Jejomar C Binay, MNSAVice President of the Republic of the PhilippinesSpeech read by DND Secretary Voltaire Gazmin during the Forum on “How Safe Is Your Money?:Rethinking Cybersecurity” held on 27 February 2012, 9 am, at the NCDP Honor Hall, Camp EmilioAguinaldo, Quezon City._______________________________________________________________________________Our topic this morning does not require all of us to be cyber experts. It merely requiresus to be especially attentive to the new and ever-expanding security environmentin cyberspace so as not to be left behind by fast-moving developments. We do not enter an arcane and unknowable world when we attempt to grapplewith the issues of cyberspace. But we need as much as possible to move at a pace equalto the speed at which scientific and technical innovation is taking place and the variouscyberspace actors are creating new situations for us to deal with.Security planners, as has been amply demonstrated elsewhere, have the burden ofshowing that cybersecurity does not have a military application alone. It has an equallyextensive non-military application as well. Much of what we read about cyber warfare has little to do with cyber crime. There isa tendency on the part of the experts to distinguish sharply between the military threat andthe threat to law and order. The distinction is often so sharply made that different agenciesare placed in charge of the one and the other, and they hardly relate to each other. This approach is not always helpful. It tends to ignore the possibility, or the fact,that many of those involved in cyber wars are also first involved in cyber crime; they couldin fact use cyber crime as their training ground for their eventual engagement in cyber wars. Some authors have established this link among many non-state hackers who were involvedin the Georgian and Gaza cyber wars.In cyber warfare, information weapons are used to attack state and military controlsystems, navigation and communication systems, and other crucial information facilities tocreate serious military and civil dysfunctions within a state. In cyber crime, they are used to attack critically important financial services—banking and credit card transactions, insurance, trading, funds management, and otherbusiness and consumer activities that are delivered online to various parts of the economy. It generates untold profits for the cyber criminals with little or no risk at all. Deterrence is always hard in both cyber war and cyber crime. It is easier to detectattacks in cyber war than it is in cyber crime, but correct attribution, after detection, maybe a lot harder in cyber war than it is in cyber crime.
25ICT Development and Cyber Security ReaderIn cyber war, the target knows immediately when it has been attacked; in cybercrime, it sometimes takes a long time before a financial institution realizes that it has beenattacked. For instance, in 2009, the victim of the one of the biggest data breaches in us history,involving 130 million accounts, did not know that hackers had an uninterrupted access toits secure network until five months later. This was but one of the many cases reported orunreported that year. In the past six years, according to one online report, US companies have reported 288other data breaches, which compromised at least 83 million records of private individuals. The cost to each individual usually runs high. Such cost is compounded when the sensitive nature of the victim’s business, likethat of a bank, prevents it from reporting the breach to the appropriate authorities as soonas it is discovered, or if and when the attacked institution or the appropriate authorities donot have the legal means to swiftly and adequately respond to it. In one famous case last year, a US senator demanded to know why Citibank tookabout a month to report a breach affecting his credit card account and that of some 360,000others in North America. The damage to the credit card holders was never disclosed, but the senator pointedout that the institution had a fiduciary and business responsibility to notify its customersabout the breach, so they could protect themselves.This particular incident prompted calls for stronger legislation requiring breachedbusinesses to notify their affected customers. Thus far only 45 U.S. States have such breachnotification laws. Nothing similar exists in the Philippines.Of all transnational crimes, cyber attacks on financial institutions are said to beyielding the highest financial returns—— higher than those from drugs and arms smuggling,kidnapping for ransom, human trafficking, and others. And no one has been prosecutedfor any of them.These high, risk-free returns are bound to encourage local criminals to exert a muchlarger influence on the cyberspace underground, just as they have done so in Russia, Japan,Hong Kong, the United States, among others. This is where the real challenge lies.It is primarily a task for the law enforcers. There is an urgent need to intensify effortsat cyber crime prevention, detection and prosecution. We need to have the correct andadequate laws to protect our financial systems and institutions and private individuals, butthese have to be supported with the appropriate and adequate facilities and manpower.Precisely because modern technology has made the financial services so sensitiveand vulnerable to every slight disturbance, we need the best laws and practices to ensurethe most reliable means to guarantee public confidence in our monetary system. The Cybercrime Prevention Act of 2012, which has passed the senate, is a goodstart, but it barely scratches the surface and is just really a beginning. We need the most
26 ICT Development and Cyber Security Readercomprehensive cyber security laws to put us ahead of the most determined elements whospecialize in cyber crime.We also need to put good money into cybersecurity research, intelligence andanalysis, and to collaborate with the private sector whenever government resources arelacking in order to undertake such research and put it into practice for better cybersecurityof the financial services sector. This is vital to the interest of both the public and private sectors.For this reason, it could be a most suitable project for the public-private sectorpartnership program of the administration. Working together, the public and private sectors have an easier way of advancingthe state of the art in information technology and cybersecurity through innovations inmathematics, statistics and computer science, the development of measurements andstandards for emerging information technologies, and the deployment of I.T. systems thatare reliable, interoperable and secure.Together they also stand a better chance of protecting the physical and electronicinfrastructure of the financial services sector.These are just some of my thoughts on the subject. I hope to learn more from theexperts at this meeting. Thank you and good morning.# # #
27ICT Development and Cyber Security ReaderHighlights of the Second Forum on Cyber SecurityAwareness and CollaborationHow Safe Is Your Money?:Rethinking Cyber SecurityI. BackgroundThe Forum on “How Safe is Your Money?: Rethinking Cyber Security was held at theNational Defense College of the Philippines (NDCP) Honor Hall on 27 February 2012in collaboration with the Office of the Vice President (OVP) and the NDCP AlumniAssociation, Inc (NDCPAAI). The forum provided a platform for information disseminationand awareness to participants from government agencies, private sector, and the academe.Key persons were invited as speakers to expand security awareness and education as wellas ways to improve cybersecurity as a means to protect national security.The objectives of the forum were: 1) to promote awareness and advocacy campaign;2) to mainstream cybersecurity concerns among various sectors, and 3); to discuss andshare best practices in enhancing cybersecurity of various financial institutions. The forumis intended to serve as a platform to discuss and provide awareness and facilitate exchangeof knowledge and ideas on current status of cybersecurity in the Philippines and what canbe done to address current exigencies that are emerging because of the advancement oftechnology.In his opening remarks, Vice President Jejomar C Binay said that “there are newsituations to deal with” because of the threat to cybersecurity where there is “cyber warfarethat poses military risk and threat to law and order.” He emphasized that people who areinvolved in cyberwarfare must have first committed cybercrimes.” He defined cyberwarfareas activities in the cyberworld that have the potential to cause civil and military dysfunction.Cybercrime, on the other hand, may include attacks (e.g., data breach, disclosure of tradesecrets) against financial institutions to generate unlawful profits. Moreover, he highlightedthe need for an “accurate attribution to cyberwar and cybercrimes” because more often thannot it “takes a long time to ascertain when an institution is attacked.” The lack of relatedlegal foundation in the country has to be addressed because currently there is no legal meansto punish perpetrators unlike in the USA where there is a strong legislation for disclosuredue to the fiduciary nature of business especially in the financial sector”. It is an issue ofparamount importance because, no one has been prosecuted yet though cybercrimes arecommitted everyday. More importantly, cybersecurity encompasses a much larger influencebecause it is transnational. Consequently, there is an urgent need to intensify reports on cyberviolations, provide enabling laws and practices so that public’s confidence in the monetarysystem may be regained. The issue of cybersecurity is of vital interests to both private andpublic sectors; partnership is then necessary to eradicate the cybersecurity threats.
28 ICT Development and Cyber Security ReaderSix experts discussed the current practices in the Philippines regarding cybersecurity,its current status, development of products, and technological advancements today. SessionOne of the programme focused on the private and public sector perspectives of cybersecurityand how they have coped with the dynamics in the cyberspace. Meanwhile, Session Twofocused more on security measures taken by the companies which provide information andcommunication technology. The summary of the proceedings was done by Attorney IvanJohn Enrile Uy, Former Chairman of the Commission on Information and CommunicationsTechnology.The forum generally focused on public, private, and public-private initiatives tostrengthen cybersecurity with a particular focus on the financial sector. In addition, measureswhich can be taken by the public to protect themselves amidst the growing technologicaladvances today were also discussed.II. Opening CeremonyWelcome Remarks by Honorable Voltaire T GazminSecretary of National Defense(Speech read by Undersecretary Honorio Escueta)Sec. Gazmin focused on the expansion of cybersecurity awareness and education.He appealed to those present to contribute and do their part so that cybersecurity will bestrengthened. He emphasized the need for initiatives to improve cybersecurity for protectionof national interests and security.Keynote Address by Honorable Jejomar C Binay, MNSAVice President, Republic of the Philippines and President & Chairman, NDCPAAICurrently, there are no laws in the Philippines which deal with cyberwarfare andcybercrimes. The lack of pertinent laws poses threat to peace and order. He emphasized thatvaluable information, which is disseminated with the use of technology can possibly cripplecivil, military, as well as private institutions involved in the business of banking, financing,and insurance. Considering the dynamics of crimes committed in the cyberspace, VicePresident Binay urged the audience to work together to enhance security in the cyberspace.Vice President Binay affirmed that the issue of cybersecurity is of great importance due totransnational nature and more so perpetrators are not easy to pursue.III. Plenary SessionsSession One: Public and Private Sector Relationship and CybersecurityHow Do Banks Secure Information Assets? byManuel Joey A RegalaVP, Information Security Dept, Universal Bank President and Member, ISACA Manila ChapterMr Regala reported how finance institutions set up security measures to protecttheir client’s money. He stated that banks secure data, in digital form, which are valuableto the organization. He emphasized that assets are confidential. Banks have developed aformidable security module that recognizes that hackers now use improvised cameras thatenable them to see a potential victim’s personal identification number (PIN) to cash out the
29ICT Development and Cyber Security Readermoney from their clients. They also have improved their transaction receipts because now,it has marked account numbers to protect their clients. Banks, he said, have improvedtheir security by providing an in depth defense mechanism in layers. This protects dataand provides technical assurance that the risk of acquiring technological advancement withmaking banking easier will be managed. The mechanism includes the physical, host anddata security. He underlined that data security goes through the process of encryption,authentication and use of password in every bank transaction.Mr Regala also stated that check and balance is done by the banks in order to meetcertain standards and audit requirements set by the internal and external auditors of theCentral Bank of the Philippines. Banks have also established security measures that consistof a perimeter network, operating system, application layer and final core. He said that theinner core is the “holy ground” of the security system of banks and that the host hardens theoperating system so that hackers won’t be able to penetrate the system and thus, effectivelyprevents intrusion. The system also protects itself from virus and has audit locks. This allowsbanks to ensure the safety of their client’s money. Moreover, Mr. Regala emphasized thatauthentication is vital and that they have encrypted one time passwords, automatic timeout,digital certificates, and tokens to ensure that cyber banking is secure. His recommendationis to promote awareness for cybersecurity to enable human factors, interlinkages, culture,governance and support to come to fruition and strengthen cybersecurity.Cybercrime and How It Affects National SecurityRear Admiral Vicente Agdamag, AFP (Ret)Deputy Director General, National Security Council (NSC)Admiral Agdamag’s presentation was about the role of the public sector withregard to cybercrime and the importance of cybersecurity as a national security issue. Thefirst known incident that gave rise to the threat to national security in the Philippines isthe “love bug” that damaged over 12 billion dollars worth of computers. There are alsoinsurgences of cyberterrorism activities that attacks computer networks and ultimatelydestroy infrastructures. He noticed that there is lack of training with regard to cybersecuritythat the national security is threatened. There is no information system on how such attackscan be dealt with.Moreover, there is no legal regime upon which cybersecurity measures can easily bedistinguished and established. There are still questions on how to acquire jurisdiction andevidence. There is an urgent need to provide for laws that are apt to the current situationand threats to cybersecurity. There is even a development of HB 1246 Anti-cybercrime Actof 2011. It is wise to remember that the policy of the state is to undertake steps towards theenhancement of the Filipino people. Their welfare, protection of sovereignty, and protectionof national territory must be taken into consideration.The state must continue to pursue regional cooperation in cybersecurity. In fact, thestate has mandated that there should be five (5) groupings, which is divided into politicalgroup, diplomatic group, economic group, information group and military group. Thepolitical group will be led by Department of Interior and Local Government; the diplomaticgroup, by the Department of Foreign Affairs; the economic group, by the National EconomicDevelopment Authority; the information group, by the Communications department bythe Office of the President; and the military, by the Department of National Defense. He
30 ICT Development and Cyber Security Readerstated that the way forward is through information exchange, emergency response, researchactivities, and continuing efforts to combat threats to cybersecurity.Open Forum (facilitated by Atty. Ivan John Enrile Uy)Mr. John Ruero ISACA, ISA, and Philippine Society of IT Educators membercommented that the academic sector was not represented in the presentation of the publicsector. Admiral Agdamag, said that there is an assessment card where they are pushingfor manpower development and human resources. The factors that were taken intoconsideration were legislation, budget, infrastructure, and equipment.Nathaniel Marquez of RC 46 asked if the government has come up with a nationalpolicy regarding information and types of information that needs protecting. AdmiralAgdamag affirmed the need of this kind of policy not only as data management but alsoto increase awareness because information is now used as weapons to destabilize nationalsecurity. However, he said that as of now such policies are just being developed.DOJ Response to the Challenge of CybercrimeASec Geronimo L. Sy, Planning and Management Service, Department of JusticeASec Sy talked about the DOJ Response to the Challenge of Cybercrime. He talkedabout how cybersecurity is an encompassing concept where cybercrime is only a part of it.He thought that Senate and House Bills should include criminal reforms on crimes committedin the virtual world and should not be left to the information and technology committee. Healso talked about the legal and technical competency of members of the proposed committeeto ensure that laws meet global requirements. Moreover, he tackled the issue as to howlaws should enumerate and distinguish each of the cybercrimes punishable under our lawso that the DOJ can validly respond and propose a change in the Rules of Court to admit aprocedure for cybersecurity violations.Open ForumDrexx Laggui a computer forensic expert posed the question as to when one shouldstop electronic discovery and what are the existing guidelines and limitations. ASec Syanswered that in Brussels, Belgium it takes 3-6 months for forensic investigation and atpresent, it is still a global problem that needs to be addressed. There has to be changes withthe Rules of Court regarding procedure and at the moment, the DOJ is training prosecutorsready to try cyber cases.Ms. Cristina Exmundo, MNSA RC 47 student, said there are international laws thatregulate war. She asked if it was also the case for cyberwarfare. ASec Sy shared that in theUnited States there is a scale that could amount to cyberwarfare. In the Philippines, thelaw is still in the development phase. General Ozeta posed the question as to what is thegovernment policy on information and who is the manager of such information. ASec Syanswered that the DICT bill intends to give focus on the information anchor. He also saidthat the government is generating information for knowledge and guidelines. Althoughthe DBM has the power of purse, there should still be check and balance with regard tothe budget allocated for cybersecurity measures. LtCol. Roxas of Naval Plans Office askedwhether the information warfare capability as a hacker and as a deception device can be
31ICT Development and Cyber Security Readerused in the military. ASec Sy answered that there is a multiple track approach and thatthere is no such policy yet because focus is more on physical equipment for the military. Healso said that information policy should be relative to the national security policy so that itcould be used as input into national defense.Dr. Lemuel Braña, UP Professor and advocate of information security identifiedspecific problems, which are coordination and management and lack of standard to protectgateways or websites. ASec Sy agreed and said that the problem is human agency andthere are vulnerabilities in the concept of cybersecurity which pose the question as to whois going to do it.Dir. Nebuchadnezzar S. Alejandrino, Chief, DIMO asked Mr Regala to rate thestatus of cybersecurity in the Philippines. Mr Regala, said that he agreed with ASec Sy thatwe are in the low level. However we are using “stealth technology” which is in a defensivemode and he considers this a great start for cybersecurity. Dir. Alejandrino asked ASec. Syas to his legal standpoint on the need for a homeland security agency. ASec. Sy answeredboth yes and no. He said yes because there is a need for a coordination but he also saidno because we do not need another super agency. He said that what we need is a “webapproach” which is resilient for technological problems. He was asked if there are plansfor homeland security; he said there is no DICT yet.Dir Alejandrino asked Vice President Binay for policies to address the issue offoreign countries training students to hack. The Vice President said there is no need to put aspecial body to do task like that; what needs to be addressed first is coordination to facilitatecollaborative, multi-agency effort. The coordinating officials must have moral ascendancy.Lieutenant Feliciano shared that after training the police to highly technical experts theyare tempted with more lucrative jobs in the private sector. In connection, he asked whatthe government current retention plans are. ASEC Sy answered that the qualificationstandards of Civil Service Law should be abolished since it has been promulgated in the1960s and no longer covers jobs, which involves technology. He said that there should beresults based governance.Mr Dan Crisologo, a former head of Cybersecurity of NBI, and is currently a memberof the ICTO shared that the government has allotted one (1) billion pesos for cybersecurityto implement Executive Order 47.Session Two: Technical Specifications in Ensuring Cybersecurity in Gadgets andOperating SystemsiOS Security, John Andrew Lizardo, Training Supervisor and Professional Business UnitApple (PowerMac Center)Session Two focused more on the technicalities of how security measures have beenundertaken by various companies to adapt to the concept of cybersecurity. The first presentorwas Mr. Lizardo, which focused on the security features of the iPhone Operating System oriOS. The Layered security of iOs covers device security, data security, networking securityand application security. In device security, the operating system has passcode, policies,and device restrictions. Passcode policies require passcode on device, allow simple value,require alphanumeric value, minimum passcode length, minimum number of complexcharacters and minimum passcode age.
32 ICT Development and Cyber Security ReaderFurthermore, a 256-bit AES hardware protection is always on all data. In dataprotection, there is a five-level encryption and mail and third party application. With regardto network security, encrypted network traffic, strong authentication, and end-to-endencryption in Message and Facetime. Application Security includes mandatory applicationsigning, sandbox applications, encrypted keychain, security framework for developmentand managed application via Mobile Device Management (MDM). The MDM capabilitiesare to install and remove configuration policies, query devices, manage application, remotewipe and lock and clear passcode. However, in order to utilize the MDM, the user shouldbe enrolled to it. If the user has already enrolled to MDM, he can perform authentication,certificate enrollment and device configuration.IT Security Best Practices for Windows PlatformFreddy Tan, Cyber Security Strategist, Microsoft AsiaMr. Tan’s presentation started with addressing the question on who holds theresponsibility and accountability in cybersecurity which is very important. He said thatFilipinos are adapting Information Technology (IT) and that is a good sign. However, thecountry ranked 85 in 2010 and 86 in 2011 in Network Readiness. The ranking implies that thePhilippines is not equipped in terms of networking. He mentioned that cyberwar, sabotageand political change are the threats in cyberspace. He also stated that a malware programlike Stuxnet, a computer worm, is commonly used as a weapon to destroy the system.With respect to Microsoft security, he admitted that there are wide operatingsystems (OS), browsers and applications vulnerabilities and that Windows XP is the mostinfected OS. Therefore, if the user wants security, he should discontinue using XP andupdate the machine or the OS. He recommended that users have to buy the Windows 7- 64bit if they want security. He opined that a well-managed secure infrastructure is the keyand there should be a standard operating environment such as the US Airforce Standarddesktop. Microsoft has rights management services, which include bit locker, networkaccess protection, etc.Android SecurityCharo Nuguid, Java and Android Training and Development ConsultantCo-Founder, MobileMonday ManilaThe presentation focused on Android Security Model, user behavior vs. permissionsand best practices. The security features of Android are as follows: 1) Security at OS levelthrough linux kernel; 2) Mandatory application sandbox for all applications; 3) Secureinterprocess communication; 4) Application signing and; 5) Application-defined and user-granted permissions. It was discussed that Application Program Interface (API) may onlybe accessed by explicitly declaring permission. Based on a survey they conducted, 17%looked at permissions before installing and 56.7% do not install because of permissions. Thesurvey wanted to show that an application security is still dependent to the user.The best practices to secure the files are: 1) Use Android SDK instead of nativecode; 2) users should only ask for needed permission; 3) do not load code from outside theapplication; and 4) use authorization tokens instead of storing usernames and passwords.Data storage was also discussed. Data storage is divided into internal storage andexternal storage. In internal storage, files created are only accessible by the application that
33ICT Development and Cyber Security Readercreated it and local files may be encrypted as additional security for sensitive data. On theother hand, files created on the external storage are globally accessible and readable. Inaddition, data storage by content providers provides a structured storage mechanism thatcan be limited to the applications or exported to allow access by other applications and itis exported for use by other applications by default.Open ForumWhen if there are any efforts on the part of the providers to make settingsunderstandable for them, Mr Tan answered that there are two sides of the coin— if aperson is not technical and they experienced technical errors, they should look for peoplewho had experienced the same error and let them fix it. If a person is technical, on theother hand, they do it themselves because they understand it and can configure it on theirown. Mr Lizardo answered the question by saying that there is online support i.e., www.apple.com where it is a knowledge base forum for all apple users to find the best practicesin configuring apple devices. Ms Nuguid on the other hand said that everyone can accesswifi and the network – these facts are known to the developer. However, there are stilldefinitions or descriptions that are not for everyone to understand. What one can do is totell their contacts at Google that everyone has a problem with this configuration and thatthere is an error. This error is due to the fault of the developer and it is the obligation ofusers to let the developers know so that they can be conscientious enough to know whatcould happen and what the user could do.Dir Alejandrino asked Ms Nuguid if she would recommend android for militaryusage. Ms Nuguid answered that it is good enough for military usage and that securitydepends on the user because the user should be conscientious enough to notice that there areapplications which access data that it shouldn’t be accessing. Security, ultimately, dependson the person holding the device. Dir. Alejandrino further asked if it could do telepresence(video conferencing). Ms Nuguid answered that it depends on the device you are using ifit supports such applications. Usually such devices that support telepresence are ones thatcomes with two cameras.Dr. Diaz of MNSA Class 47 asked the speakers to expound on standardizing theoperating system. Mr Tan answered that it is due to the Standardization of Global Policiesor GPO. There is already a password, which is a form of configuration of the machine. Itis also up to the user to install applications or to change firewall settings. The concept ofstandardization, which the US government is planning to publish, is being able to manageall types of desktop regardless of its type.Eugene Galang, ICTO, NDCP, asked if the companies they are representing ask helpfrom ethical hackers to test newly developed systems before launching them. Ms Nuguidsaid that ethical hackers are those who get in the system, would tell the company what theyshould have done but they do not get paid. Usually ethical hackers remain anonymous.Unlike in the company of Oracle, they employ really good hackers to test their system. MrLizardo said that in Mac they have a developer system, which functions as a communitywhere they sample codes for an operating system and then they give feedback. They testout compatibility issues and try new applications. This minimizes the attack that no suchhacking would be done so long as one registers as a developer with them. Mr Tan said thatthere was a time when Bill Gates sent his employees back to school so that there would be
34 ICT Development and Cyber Security Readera security development project team. This enabled Microsoft to stay on top of its game.One participant asked, if the rival companies know the strength and weakness ofeach other and if they help each other to improve themselves? Ms Nuguid confirmed thisbut clarified that it is in an indirect manner because they get tips from the others throughlatest platforms each one launch. Mr Lizardo said that, Apple has provided others with tips.For example in 2006, there were a lot of improvements such as permissions and there wereheads up from competitor companies. It has been Apple’s vision to have a peaceful co-relation with them. Mr Tan provided that programs provide information to other technicalcommunities and that there is an MSDR, which is a research to disclose third party softwareto other companies. A participant further commented that they all share same information,same vulnerability and so everyone could address it.SummaryAtty Ivan John Enrile Uy, Former Chairman, Commission on Information and CommunicationsTechnology (CICT)Atty Uy said that there should be collaboration from both public and privatesectors to ensure that national security through cyberspace would be protected. As his lastparting words before he gave the floor to Dr De Leon for his closing remarks, he said thatit is everybody’s duty to uphold and spread awareness for cybersecurity because we allshare cyberspace as an information highway and therefore, we all have a stake at keepingit safe.IV. Closing CeremonyConcluding RemarksFermin R de Leon Jr PhD, MNSA, President, NDCPDr De Leon thanked Vice President Jejomar C Binay for the unrelenting support tothe growing concern regarding cybersecurity. It is indeed important to know how to keep ourmoney safe because we have worked hard for it. It is our endeavor to disseminate informationto ensure cybersecurity so that there would be no cyberwarfare and cybercrimes. Everybodyis involved in this because it is an issue that involves national security. Therefore, thereshould be cooperation and collaboration among public and private sectors to ensure thatthe threats would be addressed and ultimately, perpetrators would be held accountable.Moreover, he said that cyberspace is common to everyone and affects everyonebecause there is already a holistic view on national security and therefore, these informationand assets vital to the national interests must be protected. Dr De Leon hoped that theforum enabled the participants to have new insight and knowledge that will allow them todisseminate information and awareness to confront the challenges posed by cybersecurityissues.# # #
35ICT Development and Cyber Security ReaderSeminar-Workshop on Cybersecurity6-8, 11 June 2012Honor Hall, NDCP, Camp General Emilio Aguinaldo, Quezon City“Towards Information, Communicationand Technology Development (ICTD) andCybersecurity Enhancement”
36 ICT Development and Cyber Security ReaderOpening RemarksICT Development and CybersecurityEnhancementUSec Benjamin E Martinez Jr.Chief of Staff, Office of the Vice PresidentRemarks delivered during the Opening Ceremony of the Seminar-Workshop Towards Informationand Communications Technology Development and Cybersecurity Enhancement held on 6-8, 11June 2012 at the Honor Hall, NDCP, Camp General Emilio Aguinaldo, Quezon City._______________________________________________________________________________Dr. Fermin R De Leon, Jr, President of NDCP, RAdmiral Roberto Estioko, ExecutiveVice President of the NDCP Alumni Association, Inc., distinguished speakers,participants to this seminar-workshop, guests, participants, ladies and gentlemen,a pleasant good morning.It is both an honor and a privilege to be with you today, as we open our, “ICTdevelopment and Cyber security enhancement” workshop.For the next three days, Subject Matter Experts shall provide us a wide spectrumof the cyber infrastructure enhancement and threats, from global crimes, terrorism,forensics, to its implications to our office and country. I advise you, to open your minds,solicit questions, proactively participate, and I assure you, you will gain enough, if notexceedingly.This venue, I believe, is most apt for us, as stakeholders, to come together andaddress the enduring problem we face. As our country continues to rely on technology, wehave become no stranger to cyber crimes and cyber activism. We must recognize that ourinfrastructures and processes are now heavily dependent on Information, CommunicationTechnology (ICT) specifically the internet; hence, we are vulnerable to threats as well.In our region, just April this year, during the height of the Scarborough Shoalstandoff between the Philippines and China, the University of the Philippine’s portal wasdefaced which left a map of China on the main page. In retaliation, some suspected Filipinohackers strike back by also defacing Chinese websites. In the end, the incident left littleroom for prompt, amicable, and diplomatic agreement and eventually, only intensified thetension between the two states.The borderless arena of innovation has become a key player in developingmultilateral ties and diplomatic relations among nations.In the business sector, with the high growth of the business process outsourcing(BPO) industry and its gross economic contribution to the country, securing the ICTinfrastructure is most crucial. Potential cyber attacks are rendered detrimental to thebusiness continuity of BPO operations. Our BPO establishments’ resilience to cyber attacks
37ICT Development and Cyber Security Readeror lack thereof, shall project what image our customers and competitors in the globalmarket will see.Also, let us not forget our ethical and moral standards against cyber prostitution.Though millions or billions of dollars may be lost through cyber attacks, and denial-of-service attacks, the emotional and psychological damage cyber prostitution can have onpeople far exceeds such monetary damages.The internet and the cyberspace must always be treated with utmost care anddiligence; we must protect it to protect our people. It is with this, that collaborationand cooperation between private and government stakeholders in reinforcing our cybersecurity threshold becomes our prime goal.There may still be much work cut out for us, to become a technological powerhouse.Yes, we may be constrained by financial adequacies. But more than that, we need to answerquestions like-- what should be our National Vision on ICT and Cybersecurity? Where weare now on ICT development and Cybersecurity? What can be done now or what are thenecessary first steps to be done? I don’t have all the answers to these few questions.But the fact remains that for as long as we are here today and for the next fewdays, our adaptability and love for technology compel us to contribute to this nationaland global effort in fighting cybercrimes, strengthening cybersecurity, and enhancing ourinformation and communication technology.We can only effectively push forward and strengthen our cyber environmentthrough coordination and collaboration among all stakeholders. Rest-assured, our effortswill bring us far.Maraming salamat at mabuhay!# # #
38 ICT Development and Cyber Security ReaderHighlights of the Seminar-Workshop on Cyber SecurityTowards Information, Communicationand Technology (ICT) Development andCybersecurity Enhancement____________________________________________________________________________________________________________________________________I. BackgroundThe National Defense College of the Philippines (NDCP), in partnership with the Office ofthe Vice President (OVP) and the NDCP Alumni Association Inc (NDCPAAI) conducteda seminar-workshop entitled “Seminar Towards Information and CommunicationsTechnology (ICT) Development and Cybersecurity Enhancement” held on 6-8 and 11 June2012, 8:00AM- 5:00PM, at the NDCP Honor Hall, Camp Gen Emilio Aguinaldo, QuezonCity.The four-day seminar, designed for executives and senior managers in thegovernment and private sector, and senior military and police officers, aims to provideparticipants with a comprehensive understanding of cybersecurity from managementto technology aspect. Intended for 60 participants, the seminar is rigorous, dynamic andinteractive utilizing a combination of classroom-based lectures and learning events.Leading experts and practitioners from the industry were invited to speak includingDr Stephen Cutler of the Official Global Control Corporation, Mr Angel Averia and MrAlberto Dela Cruz of the Philippine Computer Emergency Response Team (PhCERT), DrLorenzo Clavejo of the National Security Council, Mr Simoun Ung of the Philippine VeteransBank (PVB) Card Corp, SI-III Joey Narciso of the National Bureau of Investigation (NBI),Dir Raymond Estioko of the Bangko Sentral ng Pilipinas (BSP), Mr John Abraham Rueroof the Information System Security Association (ISSA)– Manila Chapter, Ms Janette Toralof the Philippine Internet Commerce Society and PCInsp Felizardo Eubra of the PhilippineNational Police (PP). A total of 65 participants from various government agencies and privatecompanies participated in the said seminar. Among the agencies represented include theArmed Forces of the Philippines (AFP), Philippine National Police (PNP), Commissionon Elections (COMELEC), Department of Environment and Natural Resources (DENR),Senate of the Philippines, National Security Council, Department of Health (DOH), MetroManila Development Authority (MMDA), Department of Science and Technology (DOST),Department of Tourism (DOT), Department of Trade and Industry (DTI), Office of thePresident (OP), Department of Interior and Local Government (DILG), Bangko Sentralng Pilipinas (BSP), Office of the Vice President (OVP), Philippine Public Safety College(PPSC), Department of Energy (DOE) and the Department of National Defense (DND).Furthermore, private companies and international organizations represented include De LaSalle University (DLSU), International Organization of Migration (IOM), Zperia and AsianInstitute of Management (AIM).
39ICT Development and Cyber Security ReaderII. Plenary SessionsDay 1: June 6, 2012Session One: Cyber War and Cyber Terrorism, Stephen P. Cutler PhDCyberspace as defined by the speaker, a global domain within the informationenvironment consisting of the interdependent network of information technologyinfrastructures, including the Internet, telecommunications networks, computer systems,and embedded processors and controllers. Today, our nation faces an evolving array ofcyber-based threats arising from a variety of sources. These threats can be classified asintentional and unintentional. Intentional threats are those attacks which come from differentsources such as hackers, criminal groups, and terrorists. However, unintentional attacks arethose caused inadvertently by the disrupt system such as defective equipment and systemupgrades. Thus, securing one’s nation against these evolving cyber-based threats dependsentirely on the enhancement of national security and national defense strategy.The growing trend of cybersecurity is leading towards the increase of diversecriminal elements. These are the spamming, identity theft, dispersal of virus/worms,several types of fraud schemes, attacks on servers/systems and the like. Hence, the speakerclearly emphasized on the use of cyber space as a tool to commit crimes. This kind of threatcontinues to emerge and is rapidly changing. Given the situation occurring now, the nationshould double its efforts in combating the continuous transmission of malevolent attacksin the cyberspace.In order for a nation to succeed and prevent the disaster that cybersecurity imposes,the speaker proposes that it should begin with a competitive plan for recovery, clear policies,strong foundation of leadership, diplomatic and economic efforts, strong and solid alliancesand cooperation among the government, military and the private sector.Session Two: Philippine Cybersecurity: General Situation Angel Averia Jr.Cyberspace and the internet are interrelated. The speaker has shown a conceptualview of the cyberspace ecosystem divided into 5 categories: geographical location, people/users, internet identities, IP addresses, and networks. Business relations and social interactionincrease rapidly with the use of the internet as a tool to communicate. This new trend thatthe cyberspace executes leads us to a new global culture, which, on the other note bringsharm and increase in the volume of sophistication of malevolent attacks.At present, the Philippine ICT is continuously enhancing its defense againstcybersecurity. It has adopted several transformations such as migration to cloud services,increase in the use of social networks, rise of mobile devices and active internet exchangesoperated by Telcos. But alongside with these changes, the country is vulnerable to cyber-attacks as discussed by Mr. Averia. He has presented several recorded incidents of identitythefts, hacking, scamming, harassment, estafa/fraud extortion, pornography and webdefacement attacks from 2011 up to present. Furthermore, he also discussed the recentlycyber-attacks in the Philippine government websites.