Successfully reported this slideshow.
Your SlideShare is downloading. ×

National Security Review

1ICT Development and Cyber Security Reader
A special edition of the National Security Review
ICT Development
& Cyber Secur...
2 ICT Development and Cyber Security Reader
Editorial Board
Dr. Fermin R. De Leon Jr, MNSA
President, NDCP
Dir. Ernesto R....
3ICT Development and Cyber Security Reader
he Philippines, although considered an emerging country in computer ...
Loading in …3

Check these out next

1 of 214 Ad

More Related Content

Slideshows for you (18)

Similar to National Security Review (20)


Recently uploaded (20)

National Security Review

  1. 1. 1ICT Development and Cyber Security Reader A special edition of the National Security Review ICT Development & Cyber Security Reader Papers and Proceedings from the Fora on Cyber Security Awareness and Collaboration NATIONAL DEFENSE COLLEGE OF THE PHILIPPINES
  2. 2. 2 ICT Development and Cyber Security Reader Editorial Board Dr. Fermin R. De Leon Jr, MNSA President, NDCP Dir. Ernesto R. Aradanas, MNSA Executive Vice President, NDCP Ananda Devi Domingo-Almase, DPA Professor Dr. Antonio G. Matias, MNSA Professor Prof Charithie B. Joaquin Professor Prof. Christine June P Cariño, MNSA Chief, Academic Affairs Division Cdr Rostum J Bautista, MNSA PN (Res) Chief, Research and Special Affairs Division ________________________________________________________ Secretariat/Publication Committee Grace Q. Banlaoi, Manmar C. Francisco, Segfrey D. Gonzales, Gee Lyn M. Magante, Eugene Galang, Jaime Saulo, Francis Mangadlao Copyright 2012 by NDCP This volume is a special edition of the National Security Review and is published by the National Defense College of the Philippines. The papers compiled herein are solely those of the authors and do not necessarily represent the views and policies of their affiliated governments and institutions. Comments and suggestions are welcome and may be sent to NSR Publication Office, NDCP Camp Aguinaldo, Quezon City, with telephone number +63-2-912-9125. Cover photo credits:,,,,
  3. 3. 3ICT Development and Cyber Security Reader Foreword T he Philippines, although considered an emerging country in computer and cyber technology, is not isolated or shielded from acts of cyberterrorism and cyberwar. The more advanced a country is in terms of technology, the greater the impact of a cyber attack or network denial of service. There is a need for an increased awareness in the national and global environment on what cyber crimes are and how to deal with their effects. Undoubtedly, the internet is very much a part of our lives now and we cannot simply disconnect from it. Cyberspace is the interdependent network of information infrastructure that includes the internet, computer networks, systems and the embedded processors and controllers in critical industries such as telecommunications, banking, transportation, business. It is virtual and has become the “fifth domain” after land, sea, air and space. Since cyber crimes are virtually committed and transnational in nature, it is imperative to build trust among nations in sharing information on how to combat cyber threats. Perhaps the most prevalent crime of the 21st century in an age of information and communication technology (ICT) is cybercrime, also known as computer crime. Cybercrime has grown and worsened in alarming proportions as it affects information and data management systems important to government, business, education, and even entertainment. Worse, this crime, especially those that can be done at home, has invaded the privacy of personal life. These modern crimes, which employ computers or mobile phones as tools for illegal activities, include but are not limited to the following: identity theft and invasion of privacy; internet fraud; ATM fraud; wire fraud; file sharing and stealing intellectual property through piracy; counterfeiting and forgery; child pornography; hacking and espionage; programming of computer viruses; denial of service attacks; spam; and sabotage. Due to the widespread adoption and use of computers and the internet in almost all aspects of our daily living, and exacerbated by the vulnerability to aforementioned cybercrimes using the ICT and the cyberspace, the NDCP, in collaboration with the Office of the Vice President and the NDCP Alumni Association Inc. has embarked on a series of public fora and seminar-workshops to increase public awareness on the protection of information, communication technology and cyberspace to improve the security, efficiency, cost effectiveness, and transparency of all government and private online and electronic services through policy formulation and conduct of education, training and research on cybersecurity. The College also hopes and aspires to be the center for policy formulation on security and resiliency in cyberspace, as well as the venue where education, training and research on the protection of information, communication technology and computer network operations, including cybercrimes, defensive activities, and security of the cyberspace infrastructure will be conducted.
  4. 4. 4 ICT Development and Cyber Security Reader We hope that this present volume, ICT Development & Cyber Security Reader— a collection of papers, thesis, speeches, laws as well as highlights of the proceedings from a series of fora and workshops on cybersecurity awareness and collaboration, will somehow quench the thirst for more ICT literacy and cybersecurity understanding among our policy- makers and the general public. We also hope that this reader will contribute to better prepare public and private cyber infrastructure for any eventuality involving the misuse of cyber technology and for our cyber community to become more proactive in mitigating the risks of such cyber threats to the peaceful conduct of local and international affairs. Fermin R de Leon, PhD, MNSA President, NDCP
  5. 5. 5ICT Development and Cyber Security Reader Foreword 1. Welcome Remarks Fermin R De Leon Jr, PhD....................................................................................... 2. Keynote Address during the Securing a Whole Wired World: A Forum on Cyber Security Awareness and Collaboration Honorable Jejomar C. Binay..................................................................................... 3. Highlights of the First Forum on Cybersecurity Awareness and Collaboration: Securing A Whole Wired World............................................. 4. Keynote Address during the Forum on How Safe Is Your Money?: Rethinking Cybersecurity Honorable Jejomar C Binay...................................... 5. Highlights of the Second Forum on Cybersecurity Awareness and Collaboration: How Safe Is Your Money?: Rethinking Cybersecurity.................................................................................. 6. Opening Remarks: ICT Development and Cybersecurity Enhancement USec Benjamin E Martinez Jr................................................................................. 7. Highlights of the Seminar-Workshop on Cybersecurity: Towards Information, Communication and Technology Development (ICTD) and Cybersecurity Enhancement...................................................................... 8. Highlights of the Third Forum on Cybersecurity Awareness and Collaboration: Cybercrime Law and Its Implications to National Security.................................................................................................. Papers on ICT Development and Cybersecurity 9. Paper Output during the Seminar-Workshop Prioritizing ICT Development and Cybersecurity Seminar ...................................................... 10. Understanding Cyber Security from Global and Regional Perspective Stephen P. Cutler............................................................... 11. Cyber War and Cyber Terrorism Stephen P. Cutler......................................... 12. Philippine Cyber Security: General Situation Angel S. Averia, Jr................ 13. Historical Notes on Technology and Cyber Security Initiatives Lorenzo A. Clavejo..................................................................................................... 14. Cyber-security: Perspectives on Attacks John Peter Abraham Q. Ruero.................................................................................. C O N T E N T S 3 8 9 13 24 27 36 38 48 61 67 75 77 86 90
  6. 6. 6 ICT Development and Cyber Security Reader 94 103 119 122 124 132 135 147 161 163 166 178 189 208 15 Cyberwar and Rules of Engagement Drexx D. Laggui............................... 16. The Evolving Landscape on Information Security Wilfred G. Tan, Carlos T. Tengkiat & Simoun S. Ung....................................... 17. The Need to Secure Our Cyber Space Angel T. Redoble............................. 18. National Security Implications of R.A. 10175: Defense Perspective Nebuchadnezzar S. Alejandrino I......................................................................... 19. Fighting the Crime of the Future: Responding to the Challenges of Cybercrimes Geronimo L. Sy............................................................................ 20. Key Structuring Principles in the Cybercrime Law Discourse Shirley Pelaez-Plaza.............................................................................................. 21. New Frontiers in Cybersecurity: Its Adverse Impacts in the Philippines and ASEAN Region Chester Cabalza........................................ References 22. Republic Act No. 10175 An Act Defining Cybercrime, Providing For The Prevention, Investigation, Suppression and the Imposition of Penalties Therefor And For Other Purposes.............................................................................................................. 24. Types of Cybercrime 23. Cybercrime Interpol........................................................................................... Thesis Abstracts 25. Cybersecurity Capability of the Armed Forces of the Philippines in the Midst of Computer Threats Arturo A Larin...................................................................................................... 26. The Effects of the Internet Age on National Identity and National Security Nathaniel Ordasa Marquez.................................................. 27. Electronics Security System of Universal Banks in the Philippines: An Assessment Rodrigo I. Espina, Jr., ............................................................ Directory of Participants..............................................................................................
  7. 7. 7ICT Development and Cyber Security Reader First Forum on Cybersecurity Awareness and Collaboration 26 October 2011 NDCP Honor Hall, Camp Emilio Aguinaldo, Quezon City “Securing A Whole Wired World”
  8. 8. 8 ICT Development and Cyber Security Reader Welcome Remarks Fermin R De Leon Jr PhD, MNSA President, NDCP Speech delivered during the Securing a Whole Wired World: A Forum on Cyber Security Awareness and Collaboration, on 26 October 2011, NDCP Honor Hall, Camp Emilio Aguinaldo, QC _______________________________________________________________________________ T heHonorableJejomarCBinay,MNSA,VicePresidentoftheRepublicofthePhilippines; Honorable Voltaire T Gazmin, Secretary of National Defense; distinguished members of the diplomatic corps; sons and daughters of the NDCP; my fellow civil servants; ladies and gentlemen, a very pleasant morning. The College has always been at the forefront of discourses of present issues and concerns that matters to you, to me, and the rest of society. It has always been providing a venue for enlightenment and understanding as it welcomes to its confines, with very much eagerness enthusiasm, open and truthful discussion all in the name of academic freedom. Today, the College, once again, proudly finds itself as the point of convergence of a wide spectrum of stakeholders to tackle perhaps the most crucial issue of this age. For this, I wish to personally extend my gratitude to the Honorable Vice President and the NDCP Alumni for once again, partnering with the College in such a worthy endeavor. As its theme conveys, the event elevates cyber security awareness among its audience, a diverse mixture of cyber security key players coming from the government, private sector, the civil society and the academe. It also highlights the importance of partnership in building the nation’s cyber resiliency. Indeed,oureventisasterlingcontributionoftheacademeinseizingtheopportunities and facing the challenges the Information Age presents. Despite an emerging nation in cyber technology, our country is never shielded from cybercrimes. There is a need to enhance our cyber security if we want to take advantage of the opportunities of this heightened interconnectivity. Thus, I encourage everyone to actively participate in discussions as everyone’s contribution is important in addressing the evolving threats we face in the cyberspace. Cyber security is something that affects us all. As more and more daily functions rely on digital systems, we have more and more reasons to ensure the privacy, safety and security of our cyber space. It’s an important task not exclusive to the government nor the private sector. Enhancing our cyber security is rather a shared responsibility because at the end of the day, cyber security is about security of the people. In the first place, technology is there to make our lives better. However, if we fail to be conscientious and proactive users, any sophisticated technology will be rendered useless or, even worse, prove to be harmful. Ultimately, it is in our hands to secure a whole wired world. Magandang araw at mabuhay tayong lahat! # # #
  9. 9. 9ICT Development and Cyber Security Reader Keynote Address Honorable Jejomar C. Binay, MNSA Vice President, Republic of the Philippines Speech delivered during the Securing a Whole Wired World: A Forum on Cyber Security Awareness and Collaboration, on 26 October 2011, at NDCP Honor Hall, Camp Emilio Aguinaldo, QC _______________________________________________________________________________ W hen we first discovered the Internet around two decades ago, we heard about its power as a communications tool. As dial-up networking struggled to cope with our thirst for email, we were content to use the World Wide Web for keeping in touch with friends and family. Yet the birth of cyberspace did not fully reveal the impact it would have on the world. Not long after its propagation, the Web developed a maturity that dissolved borders. Not since the invention of the locomotive has a technological wonder spurred progress the way the Internet did. Education, business, finance and personal exchanges found a new home on cyberspace. Entrepreneurs could do business nationwide without having branches in every city, and almost anything can now be bought online. No longer was it necessary to be in a classroom at a particular time to hear a lecture or complete a course. And in case you needed to access your money after business hours, online banking made it possible to manage your accounts without the help of a teller or ATM. Further technological advances bolstered the World Wide Web, making it possible to transmit data and voice at the speed of light. Geographical barriers to outsourced and offshore services came down and within the past ten years, the Philippines, and several other countries have reaped the benefits of this wave. Governments and firms quickly saw the power and benefit behind storing information in electronic formats. Apart from the positive impact on the environment, this permitted a central and consistent base of records to be maintained and made accessible to the agencies and offices that citizens transact with to obtain basic services. However, where an abundance of opportunity and an openness of exchange exist, criminal genius cannot be far behind. The advancement of the Internet has prompted ill- doers to exploit the Web for their own nefarious purposes. Some months ago, I had a brief encounter with two IT managers. I forget their names, but they were young, very driven and visibly competent Filipinos. Being less fluent than I should be in the language of Information Technology, I picked their brains to learn more of the threats we face, and the weaknesses that they believe are present in our country. The first manager contributed his own notes to the conversation saying that from three years ago, attempted intrusions into his network (or attempted hacks) tripled. From 400 attempts daily in 2008, he is now blocking over 1200 attempts per day. Based on his reviews, only 3% of the attacks emanated from the Philippines. The vast majority came from China with the balance originating from the rest of the world. He lamented that these
  10. 10. 10 ICT Development and Cyber Security Reader attacks will probably increase geometrically in the future and that he works feverishly to keep up with the threats by upgrading access control procedures, security software and where budgets permit, his hardware as well. When I asked for examples of intrusions and their risks, the second narrated his personal experience from his own BPO center in Makati. He was monitoring his VOIP servers, when he saw unauthorized calls being directed to places like Brazil, Zimbabwe and Haiti. He immediately secured his line but the one hour’s worth of hijacked calls cost him over $2000 in charges. The attack originated not from within his workforce but from overseas, and it took months for him to resolve the billing with his service provider. Luckily, his loss was temporary but he added that he personally knew of a center in Ortigas that closed shop after hijacked VOIP servers inflicted monthly losses in the millions of pesos. These trends, in the words of these professionals, represent but a fraction of the threats an IT-enabled business can face. At that point, it became painfully clear that cyber security threats were not just epic events that affected foreign nations or large conglomerates alone. Like other citizens of cyberspace, we too are at risk, and those risks escalate as quickly as fiber optics transmits signals. The breadth and depth of valuable information on the Web has reached critical mass and sends new breeds of criminals into a feeding frenzy. What is valuable to us can now be stolen online, just as easily as a pickpocket can make off with our cell phones. What is critical to us can be shut down or made unusable and no longer are these cases taken from a plot crafted by fiction and cinema. In 2008, a band of three hackers stole more than 170 million credit card numbers before they were arrested. In 2010, South Korea sustained a cyber attack where 166,000 computers from 74 countries jammed the web sites of banks and government offices. Also in that year, IT security experts unearthed a worm named Stuxnet. Unlike previous worms, Stuxnet did not prey on computers and networks. Instead, it compromised software that controls industrial machines and could wreak havoc on facilities like power and water plants. The damaging potential of Stuxnet was exceeded only by the effort that had gone into its creation. The experts who dissected the worm concluded that around 10,000 man hours had gone into its creation. This was aside from the sheer sophistication of the malware’s design. There was little doubt that cybercriminals had a resolve that matched if not surpassed that of suicide bombers in Iraq or Afghanistan. Their weapon of choice may far exceed the damage that any WMD can inflict. In 2010, the cost of electronic theft exceeded that of physical theft according to the 2011 Global Fraud Report of Kroll Associates, a leading American security and risk management firm. Perhaps the starkest example was the Wikileaks incident, where classified cables from the US State Department suddenly emerged in the open domain. Not even the US government was immune to the threat, despite the wealth of resources at their disposal. Clearly then, cyber security is a national security issue. The practically borderless nature of the cyber world presents a daunting challenge to us as we work to exist safely in that realm. One of our blind sides is the lack of information exchange between all stakeholders. The IT community is most aware of these evolving
  11. 11. 11ICT Development and Cyber Security Reader threats but the public sector may be less so. Currently, no single agency has the capability or mandate to match the scope of this threat and collaboration between public and private parties should remain one of our strongest mooring points. The private sector should be a firm partner in this effort. IT is the focus of their business and apart from employing the best people that they can, it is they who have encountered these threats first-hand. Their defenses and solutions are forged in reality and their findings are invaluable as we map out a strategy to secure the new national assets that the Web has created. Let us see how the skills gained by the private sector can be cascaded to their counterparts in government. Apart from holding hands to gain familiarity with the terrain of the Internet, let us revisit our laws. Many potential foreign investors in the IT field still have the genuine fear of suffering electronic threat offshore, without having legal recourse. Our country’s e-Commerce law is now over a decade old. Perhaps it is time to lend your talents towards enhancing our laws to insure that they remain capable of addressing the challenges we currently face and those that we shall meet in the future. Other nations have made this a top priority. The UK and the United States have their data privacy laws which are strictly interpreted and enforced. Nonetheless, in the past year alone, 18 bills have been filed in the US Congress to further enhance their laws against cybercrime and similar activities. Let us work with our legislators. I have no doubt that they are all eager to help us close this gap in our virtual borders, but they need to understand not just the jargon, but the threats we face and the consequences we can suffer. Guide them through the language and landmarks of cyberspace and I am confident that relevant and lasting legislation shall result. Operationally, it is my hope that this forum shall give birth to both a cyber security roadmap, as well as a defined framework of collaboration between government agencies and the private sector so that a cyberspace coast watcher system can be established and implemented. In countries like Japan, inbound viruses and malware are treated like outbreaks. The path is monitored in real time, and through pre-established communications procedures, the propagation of the virus is arrested. Alerts are sent out not just to networks nationwide, but to competent government authorities from the source country and other nations in the region. Specialists are tasked to dissect the virus and formulate defenses which are rolled out to all networks in the country. We should be able to achieve such a system if we work hard enough. This may sound like a tall order, for we have yet to acquire the infrastructure sophistication of some of our neighbors. However, within this forum, provide clarity to the question of technical skills that we need to develop and foster in the long term, and how to best organize these skills. Let us explore avenues for government-to-government cooperation in terms of technology transfer with our friends in North America, Europe and Asia. While technologies change, the collaborative approach shall remain the cornerstone of a sound national security response.
  12. 12. 12 ICT Development and Cyber Security Reader This battle in cyberspace comes to us swiftly and unceasingly. This forum is a positive step towards rallying our forces but it will take several steps for us to complete our task. Together, let us raise our virtual army and come to our nation’s defense. Thank you and good morning. # # #
  13. 13. 13ICT Development and Cyber Security Reader Highlights of the 1st Forum on Cyber SecurityAwareness and Collaboration Securing a Whole Wired World _______________________________________________________________________________ I. Executive Summary I n celebration of the Cyber Security Month, the National Defense College of the Philippines (NDCP), in collaboration with the Office of the Vice President (OVP) and the NDCP Alumni Association, Inc (NDCPAAI) launched a series of fora on Cyber Security Awareness and Collaboration with the theme “Securing a Whole Wired World.” The event was held on 26 October 2011 at the NDCP Auditorium. The Philippines is never shielded from acts of cyber terrorism and cyber crimes. Thus, the objectives of the forum were: 1) to gather cyber security key players and stakeholders in the country; 2) elevate awareness on what cyber crimes are to eventually control and conquer them; and 3) explore prospects for cooperation among the government, private sector, academe, and the civil society. The forum was intended to provide a platform for discourse and collaboration among government agencies, private sector, academe, and the civil society. The activity commenced with the keynote address from Vice President Jejomar C Binay followed by the three lecture sessions comprised of six experts who were tasked to tackle cyber security from theory to practice; and a summary from Mr Abraham Purugganan, MNSA. The Vice President’s keynote address read by the DND Secretary Voltaire T. Gazmin, elaborated on the seeming paradox of cyber technology. It has made lives easier and, at the same time, harder. Cyber security was deemed as an opportunity for interagency, inter- sectoral, and intergovernmental collaborations. Session One provided the current situation, challenges, and opportunities in the cyber space. It revealed the urgent need to boost cyber security awareness and capability in the Philippines. Session Two emphasized the importance of public-private partnership in enhancing the cyber resiliency of the Philippines. It also explored the nature of cyber war and provided foundations in crafting the rules of engagement in cyber warfare. Session Three gave a practical demonstration of how a computer virus can infiltrate industrial control systems and eventually impact the critical infrastructures of a country. The audience was also provided with practical tips in dealing with cyber attack. Overall, the discussions centered on the ever-changing nature of national security as demonstrated by the dynamics in the cyber space. Through cyber technology, we saw how countries flourished to become powerful nations, but we also witnessed how they become victims of cyber crimes, cyber terrorism and cyber warfare. In the end, collaborative approach remains to be one of the most effective ways of dealing with the evolving threats in the cyber world.
  14. 14. 14 ICT Development and Cyber Security Reader II. Opening Ceremony Welcome Remarks by Fermin R de Leon Jr PhD, MNSA, President, NDCP Dr. de Leon declared that discourses on significant issues to the society, such as cyber security, are always welcome in the NDCP. The College has always been providing venue for enlightenment and understanding in the furtherance of academic freedom. Cognizant of the importance of cyber security awareness in national security, he thanked the OVP and NDCPAAI for partnering with the NDCP in organizing the forum. He considered the forum as a sterling contribution of the academe in seizing the opportunities and facing the challenges the Information Age presents. He reiterated that developing cyber resiliency is not a responsibility exclusive to the government nor the private sector. Rather it is a shared responsibility; everyone’s contribution matters. Keynote Address by Honorable Jejomar C Binay, MNSA Vice President of the Republic of the Philippines and President & Chairman, NDCPAAI (Speech delivered by the DND Sec Voltaire T. Gazmin) Vice President Binay noted how the web has become an integral part of human life and an indispensible tool of governments, industries, and various sectors around the world. However, he also emphasized how the internet dissolved boarders and how the breadth and depth of valuable information on the Web has reached critical mass sending new breeds of criminals into a feeding frenzy. In 2010, South Korea sustained a cyber attack where 166,000 computers from 74 countries jammed the web sites of banks and government offices. In the same year, IT security experts unearthed a worm named Stuxnet. Unlike previous worms, Stuxnet did not prey on computers and networks. Instead, it compromised software that controls industrial machines and could wreak havoc on facilities like power and water plants. He also cited the 2011 Global Fraud Report of Kroll Associates, wherein, in 2010, electronic theft exceeded that of physical theft. Vice President affirmed that while the world reaped unfathomed benefits from the heightened interconnectivity among nations and industries, the borderless nature of the cyber world also presents a daunting challenge to everybody as all work to exist safely in that realm. Currently, no single agency has the capability or mandate to match the scope of this threat and collaboration between public and private parties should remain one of the strongest mooring points. He highlighted the importance of the private sector as a partner in ensuring the cyber resiliency of the country. Many potential foreign investors in the IT field still have the genuine fear of suffering electronic threat offshore, without having legal recourse; the country’s e-Commerce law, being more than a decade old, is already outdated. Heencouragedpertinentagenciestoexploreavenuesforgovernment-to-government cooperation in terms of technology transfer with friends from North America, Europe and Asia. While technologies change, the Vice President is positive that collaboration shall remain the cornerstone of a sound national security response.
  15. 15. 15ICT Development and Cyber Security Reader III. Plenary Sessions Session One: The Regional Cyber Security Landscape, Challenges, and Strategies Cyber Security and Governance by Atty Ivan John Enrile Uy, Former Chairman, Commission on Information and Communications Technology (CICT) Atty Uy offered the latest cyber security landscape. He shared that presently, there are 5 billion mobile phone users around the world; two billion of which are internet users. Out of the 2 billion, approximately 1.2 billion come from developing countries around the world. He reported that online transactions have reached 10 trillion dollars worldwide. The amount of data processed or handled in the virtual realm reached 5 hexabytes in 2001- 2003. Today, the cyber world produces the same amount of data in a matter of days. Radio reached 50 million in 38 years; television took it 13 years. Meanwhile, the internet reached the same number of people in 4 years time; Facebook did it in 3 months. This is how rapid the internet covers and places its footprints across the world. Aspeopleincreasinglybecomeawareofwhattechnologycando,technologybecomes a source of challenge and a matter of security concern for governments. Governments are now being obliged to match how the private sector, through information technology, efficiently delivers services to the people. It is very apparent as many governments worldwide have begun to deliver e-governance and e-services to their citizens. However, as information technology becomes handier and more ubiquitous, more and more criminal minds would want to exploit it. Cyber security concerns have significantly increased over the past years. Recently, Sony’s playstation network was hacked; 70 million accounts were put at risk. The very first cyber warfare may have happened in 2007 when Estonia’s information infrastructure was allegedly attacked by the Russian Government after Estonia decided to move the grave marker of a Soviet-Russian hero. These recent events have moved the United States to establish a cyber security command headed by a 4-star general in 2009; South Korea, Great Britain and China followed a year later. When one speak of cyber security one usually refers to common cyber crimes (e.g. fraud, gambling, child pornography). However, there are another arenas that requires adequate attention e.g., cyber terrorism, denial-of-service attacks, online espionage, and online warfare. Such attacks may come externally or within. Information technology has change how the people live and how they act. It has ousted governments who have underestimated its ability to influence the mindset of the people (e.g. EDSA II and Arab Springs). Cybercrimes, Cyberterrorism, and Cyber Security Landscape by Atty Magtanggol B Gatdula, PhD, Director, National Bureau of Investigation (NBI) Atty Gatdula reported that the Philippines is now a haven of transnational organized crime syndicates due to the lack of capabilities and technical-know-how of law enforcers in the country. Quoting Director Sammy Pagdilao of the Philippine National Police–Crime
  16. 16. 16 ICT Development and Cyber Security Reader Investigation and Detection Group (PNP-CIDG) he shared that cyber crime mafias, mostly foreigners, have established bases of operations in the country. Cyber crime syndicates have taken advantage of the organizational and technical incapability of law enforcers to fight cyber crimes. Because of great feats in information and telecommunications technology, the public is lured to exchange security over the convenience these tools offer. Being useful and user-friendly, smartphones have become a typical person’s confidante in his daily living. However, due to the mass of personal data stored on these gadgets, most of which are sensitive, these seemingly useful tools may become a source of vulnerability to their users. Today, the world experiences a dramatic increase of malicious software. Smartphones serve as a window of opportunity to cyber criminals to access potential victims personal and bank details. With regard to cyber terrorism, Atty Gatdula believes that terrorism continues to survive because it takes different forms to match the changing times; this includes cyber terrorism. The information age has built a battle zone not only for good intentions but also for evil schemes. In the absence of clear national policy for information security and internet structure stability, the Philippines is vulnerable to cyber attacks. The country currently lacks a well-defined strategy and clear national security policy to combat cyber terrorism. The Human Security Act of 2007 and the E-commerce Act of 2001 could no longer address the emerging and evolving challenges in information security. The vulnerabilities of developing countries continue to encourage terrorists to enhance their hacking skills. No matter how sophisticated the reporting systems of industries are, they would all be rendered useless if the country does not have the technical capability to promptly and effectively respond. Nevertheless, vulnerabilities come with counteractions e.g., prevention, detection, and reaction. The task is mainly reaction; one can never always be proactive when it comes to cyber terrorism. One is blind of the next mode of attack. Amidst different modes of cyber attacks such as Stuxnet1 , there is need to assess and address the vulnerabilities of the countries exiting infrastructure control systems (e.g., MRT, LRT, traffic systems, dams, and wind mills) not only by the Philippine Government but also businesses operating these industry control systems. Session One Open Forum A participant asked the speakers to personally identify the most probable and plausible cyber terrorism attack to the Philippines. Atty Uy opined that the country currently has a lot of vulnerabilities in many areas which may all be potential targets of attack. He particularly identified government websites which have recently become targets of hacking and defacement. He agreed with Atty. Gatdula on the possibility of local critical infrastructures being points of attack. Another participant shared his experiences on receiving e-mails from unidentified persons offering to launder money to the Philippines. He asked if the NBI has ever pursued _____________________ 1 Stuxnet is a computer worm widely suspected to have been designed to target uranium enrichment infrastructure in Iran. IT experts concluded that the sophisticated attack could only have been launched with nation-state support.
  17. 17. 17ICT Development and Cyber Security Reader these scam authors. A former Chief of the NBI’s Computer Crimes Division said that agency launched several information drives against such scams. He also shared that the origin of these emails can be mostly traced in Africa. Because of jurisdictional considerations, the NBI cannot launch full pursuit operations against these scammers. Atty Uy shared that the Philippines already have local versions of such scams. Session Two: Government and Private Sector Solutions Cyber War and Rules of Engagement Drexx Laggui, Principal Consultant, Laggui and Associates, Inc. The recent penetration tests initiated by the Land Bank showed how vulnerable the network systems of Megalink and BancNet members are. Hired computer experts were able to fully infiltrate their systems, allowing them to do fund transfers and hijack remittances. Recently, the information system of the International Monetary Fund was penetrated compromising very sensitive data that could endanger the financial market. The hackers allegedly accessed the network system by targeting the Facebook account of an IMF employee. It is widely suspected that it was a government-sponsored assault. Cyber terrorists would break into online banking systems, still credit card information in order to buy equipment that would carry out their terrorism plans. Through BSP Circular 542 which requires banks to undergo penetration testing yearly, the public is ensured that local online banking systems will survive in the event of cyber war. However, other industries are still vulnerable. The energy, utilities, and the transport industries all use SCADA2 in their infrastructure control system. SCADA is the same system used by the Iran nuclear enrichment plants allegedly targeted by Stuxnet. Cyber war is a state-sponsored sabotage or espionage done before soldiers set foot on the battleground. It is the “use of force” in the cyberspace that has repercussions in the physical world. It is not directed against the military but the national economy which may also have serious implications in national security. In cyber war the rules of engagement (ROE) must be carefully crafted to minimize ambiguities that would delay responses when use of force is already required. When a country is engaged in cyber war the criteria for success (or failure) must be defined. The scope and timeframe of the attack must be set. Targets that are far removed from military objectives (e.g. hospitals) must never be engaged. The impact of cyber weapons is unproven and unknown which makes their employment, in the event of cyber war, a critical decision given to the Head of State. The health, welfare, and privacy of the public must not be compromised. The reports, records, and data generated from cyber operations must never be used for commercial gains. In crafting the ROE for cyber war, three challenges must be addressed–credibility, invocation scenarios, and attributions. The key to deterrence is to show that the nation has the capability to defend itself against attacks and, if necessary, to fight back (i.e., credibility). The Philippines should have potential escalation framework, where some instances could invoke cyber war, as part of a planning activity (i.e., invocation scenarios). There is also a need to beef up capabilities that would aid law enforcers to identify the face (or nation) behind the keyboard (i.e., attribution). __________ 2 SCADA (supervisory control and data acquisition) refers to industrial control systems (ICS)-computer systems that monitor and control industrial, infrastructure, or facility-based processes
  18. 18. 18 ICT Development and Cyber Security Reader The Philippines has a maturity level of 13 when it comes to cyber war capabilities. The country has arcane laws, regulations, and ROE that hobble its capability to ensure its national security. Nevertheless, it has the potential capability to engage, sustain, and achieve objectives in cyberspace. Public-Private Partnership in Cyber Security Stephen Cutler, President and CEO, Official Global Control Corporation The world is facing the same transgressions as it did hundreds of years ago (e.g., fraud and theft); the only difference is the speed of which they are committed. The state and military security structures do not move quickly as policies change. Like any crimes committed in the real world, there is a need to differentiate the acts of crimes committed by a pathological criminal (which are felonious) and those committed by a pathological criminal but in charge of the state (e.g., Hitler and Stalin). It is critical to differentiate acts of war and crimes. Educational institutions such as the NDCP may provide light in this important issue. Some people in the military believe that the private sector should protect themselves; the armed forces should protect the shores of the nation. However, in the advent of the information age, one may rarely see physical assaults as extensive as it was during the Spanish colonial era. However, at present, the private sector holds most of a country’s national assets. It is therefore, a responsibility of the military to protect them. One should take a holistic view of national security. There is a need for public-private partnership and dialogue. There is a need to gather stakeholders from the country and representatives from the international community as well. National assets (both public and private) must always be protected. Whether the country is faced with invasion in the physical or the cyber world it does not matter; national assets will be lost. Both the private and the public sector must contribute their utmost responsibility and utmost capability in protecting their nation. Major General Jonathan Shaw of the British Cyber Command said that cyber attacks represent the greatest threat to national security. Cyber attacks affect everyone. Everyone therefore must contribute in the protection against the danger cyber attacks impose. 80% of the threats are the result of poor cyber hygiene (e.g., the lack or relevant laws). Every nation must utilize all multilateral and bilateral relations to ensure its cyber resiliency. Session Two Open Forum One of the participants asked Mr Laggui if the Monroe Doctrine4 is a sufficient framework to defend a nation’s security especially in the cyberspace. He also asked if there is a need for further definition of cyber war to set it apart from cyber attacks. He wanted to know from Mr Cutler how much should cyber security policies be flexible considering that _________ 3 According to Mr Laggui, countries with Level 1 Maturity (i.e., Ad Hoc Level) have key stakeholders as leaders championing management system of IT security. 4 The Monroe Doctrine is a policy of the United States introduced on December 2, 1823. It stated that further efforts by European nations to colonize land or interfere with states in North or South America would be viewed as acts of aggression requiring U.S. intervention.
  19. 19. 19ICT Development and Cyber Security Reader the Treaty of Westphalia5 no longer holds and the dynamics in the cyber world are ever- changing. In response, Mr Laggui shared that the cyber version of the Monroe Doctrine4 allowed the US to identify its critical infrastructures and build up cyber resources to defend these assets. Meanwhile, Mr Cutler said that the Treaty of Westphalia is one of the many agreements that set up diplomatic relations among countries which lead to the nature of international community the world has today. Another participant wanted to find out from Mr Cutler the level of international cooperation in cyber security the Philippines has today. Mr Cutler opined that the country’s progress is far from the state of cyber resiliency it needs to have. There is a lot of support from other countries (e.g., South Korea, Japan and the US). Other neighboring countries (e.g. Thailand, Malaysia, and Indonesia) are doing well in enhancing their cyber security. Meanwhile, Mr Laggui shared that the local financial industry has very mature IT governance. Most of the banks in the Philippines have Level 3 Maturity6 . Session Three: Cyber Security in Practice The Real Deal of Cyber Attack to National Critical Infrastructure Chaiyakorn Apiwathanokul, CEO, S-Generation, LTD, Thailand It is a general belief that linking the industrial control systems to networks and internet makes them more secure as it allows authorities to manage and control them anytime and anywhere from the planet. On the contrary, doing so only makes them harder to protect as anyone may access them using the right tools. In 2002, a nuclear power plant was forced to temporarily shut down due to a computer virus. When an operator’s infected laptop was connected to the plant’s control system, the virus spread throughout the network incapacitating the safety monitoring system of the plant. Operations had to be temporarily terminated; there were massive blackouts for days. Industrial control systems are one of the most common targets of cyber attacks as they manage and control critical infrastructures in a country (e.g., plants, transport system, traffic system, and dams). Control systems will always have weak points that hackers can exploit. They develop computer viruses to exploit such vulnerabilities, one of the most recent and ill-famed of which is the Stuxnet. The government tries to protect these critical infrastructures through rules, guidelines and regulations. Operators must comply with these laws. Cyber Security: What to do in the event of Cyber Attack? Nebuchadnezzar S Alejandrino, Chief, DND Information Management Office There are three types of network system: 1) those that have already been attacked (e.g. the Vice President’s website); 2) those that are to be attacked (e.g. DND website); and _________ 5 The Peace of Westphalia was a series of peace treaties signed between May and October of 1648 in Osnabrück and Münster. These treaties ended the Thirty Years’ War (1618–1648) in the Holy Roman Empire, and the Eighty Years’ War (1568–1648) between Spain and the Dutch Republic, with Spain formally recognizing the independence of the Dutch Republic. 6 According to Mr Laggui, Level 3 Maturity (i.e., Managed Level) implies a systematic process of handling IT security and governance.
  20. 20. 20 ICT Development and Cyber Security Reader 3) those that are currently under attack. The manifestations of cyber attack are very difficult to discern. Hacking a network is very easy given the right kind of tools. Some resources are available online; anyone can be a suspect. There are even alleged state-sponsored cyber crimes. Dir Alejandrino divided cyber attackers into two–non-state attackers and state actors. The former are individuals or organizations to include the Anonymous7 . When an information system is under cyber attack, it typically hangs, unfamiliar images appear on the computer screens and the system slows down. A network can be penetrated whether it is online or offline. When connected to the internet, a system may get compromised from media or documents downloaded from the web. When offline, a system can still be infected through manual transfers e.g., using thumb drives. In the Department, classified documents are kept isolated and offline to ensure their safety. In case of cyber attack, the most important thing to remember is to not panic. Go offline immediately and report the incident to the local IT office and to the top management. Fortifying your defenses by establishing cyber security team proves to be useful. It is imperative to create a backup system for your network to ensure that operations will not be seriously disrupted. Session Three Open Forum A participant asked Dir Alejandrino’s opinion on the security of cloud computing. Dir Alejandrino opined that cloud computing is not absolutely secure since one does not know to where the data is stored or who may have access to it. Meanwhile, Mr Laggui clarified on use of the term “security.” He said that in the business industry, being secure means that the level of risks is acceptable vis-à-vis the operational requirements. A lot of military officials in the armed forces are exchanging data online via yahoo mail or g-mail. Mr Laggui does not recommend this as these data go to foreign computers. Security means trustworthiness. Trustworthiness means that one have the power to audit the system, verify the controls, and see demonstration of its safety and capability. Another participant emphasized the incidences reported in the presentations wherein states allegedly sponsored conducts of certain cyber crimes. He then asked Mr Apiwathanokul and Dir Alejandrino’s view on whether these states can be considered as terrorist and if so, what crimes can be charged against them. Dir Alejandrino said that it is very difficult to associate acts of cyber crime sponsored by the state to acts of terrorism especially if a state had done it so in the name of national security. Meanwhile, Mr Laggui clarified that alleged state-sponsored cyber crimes are not typically called state-sponsored terrorism but exercise of political will with cooperation from other countries. One of the participants asked the speakers’ opinion on the government using open source8 software in their systems. Open source software can be audited to ensure that the software is free from tampering. With regard software auditing which allows users to examine the source code of software to ensure that it is not tampered, Mr Alejandrino informed the audience that the Philippines does not have an existing relevant law. Mr Laggui _______________________ 1 Anonymous (used as a mass noun) is a group, spread through the Internet, initiating active civil disobedience, while attempting to maintain anonymity.
  21. 21. 21ICT Development and Cyber Security Reader added that software auditing is imperative as it ensures the safety and trustworthiness of software outsourced to handle the country’s critical infrastructure. Summary and Way Ahead Abraham A Purugganan, MNSA Former Head, Task Force for the Security of Critical Infrastructures Mr Purugganan considers the cyberspace as the fifth battle space (in addition to land, air, sea, and space). It entails new rules, doctrines, and rules and regulations. We become increasingly dependent on information systems. Since its beginning in the 1990’s, internet reaches 2 billion people worldwide. Online information and resources (both public and private) have become so lucrative that they have become so inviting to criminal organizations as well as government and corporate organizations. The Information Age has empowered every citizen in the world; however, it has also enabled criminal elements to do evil things to an individual, organization, even a nation. In response, countries are establishing both defensive and offensive cyber capabilities. The Philippines has become a haven for cyber crime not only due to lack of technical know-how, and laws but also the lack of organized national effort. The country has existing cyber capabilities. The easiest way to wage a war is to launch a cyber war. Traditional forms of war entail a lot of resources. Cyber war, on the other hand, only needs a computer, internet connection, and a little programming knowledge. The Philippines has one of the brightest programmers but the country does not take advantage of this. The E-commerce law cannot bring hackers to justice. Local advocates have been lobbying for a cyber crime law for nearly a decade. Critical infrastructure must always be protected. Once cyber terrorists got control of them, government operations and national economy may get compromised. In cyber warfare, it is very hard to identify the enemy. Consequently, it may take a long time to craft an international Cyber ROE. Organized cyber crimes, both terrorist-lead and state- sponsored, are targeting defense industries because of useful information in weaponry and crucial military secrets. Private-public partnership in the country has its challenges. For one, private industries are reluctant to report, to law enforcers, hacking incidences for the fear of losing clients and investments. Nevertheless, the private sector holds most of the critical infrastructures in the country; partnership is imperative. It is also imperative for any information system to have standard countermeasures (e.g., procedures, protocols, and programs). In the National Cyber Security Plan, both the private and public sectors are encouraged to build their protective systems robustly. Industries must invest in security and backup systems to minimize disruptions in operation in the event of cyber attack. In the coming years, all manual ways of doing things may get digitized. As the levels interconnectivity and interoperability increases, vulnerability also increases. In enhancing the country’s cyber resiliency, there is no need to reinvent the wheel in cyber security. There are lot of existing models and programs; all that is needed is implementation.
  22. 22. 22 ICT Development and Cyber Security Reader IV. Closing Ceremony Concluding Remarks by Fermin R de Leon Jr PhD, MNSA, President, NDCP Dr. de Leon expressed his gratitude to Vice President Jejomar C Binay and the DND Secretary Voltaire T Gazmin for being ardent supporters of the Colleges endeavor to engage various stakeholders in academic discourses on many issues and concerns that matters to the country to include cyber security. He also thanked the speakers for guiding the audience in traversing cyber security from theory to practice. He shared that while listening to the presentations, his belief about the contemporary way of living was reinforced. Indeed, as information technology moves forward peoples’ lives become easier but, at the same time, harder. Since access to cyber technology has become universal, it has empowered not only the citizens of the world but criminal minds as well; evolution of technology brought evolution of threats alongside it. He confirmed that cyber technology has its predicaments but he also affirmed that it presents opportunities to include inter-agency and inter-sectoral, and inter-state collaborations. He is optimistic that the activity was able to impart the knowledge, insights, and even skills and values which will equip the participants in confronting the enormous and overwhelming challenges of the 21st Century. # # #
  23. 23. 23ICT Development and Cyber Security Reader Second Forum on Cybersecurity Awareness and Collaboration 27 February 2012 NDCP Honor Hall, Camp Emilio Aguinaldo, Quezon City “How Safe Is Your Money?: Rethinking Cybersecurity”
  24. 24. 24 ICT Development and Cyber Security Reader Keynote Address Rethinking Cybersecurity Honorable Jejomar C Binay, MNSA Vice President of the Republic of the Philippines Speech read by DND Secretary Voltaire Gazmin during the Forum on “How Safe Is Your Money?: Rethinking Cybersecurity” held on 27 February 2012, 9 am, at the NCDP Honor Hall, Camp Emilio Aguinaldo, Quezon City. _______________________________________________________________________________ O ur topic this morning does not require all of us to be cyber experts. It merely requires us to be especially attentive to the new and ever-expanding security environment in cyberspace so as not to be left behind by fast-moving developments.  We do not enter an arcane and unknowable world when we attempt to grapple with the issues of cyberspace. But we need as much as possible to move at a pace equal to the speed at which scientific and technical innovation is taking place and the various cyberspace actors are creating new situations for us to deal with. Security planners, as has been amply demonstrated elsewhere, have the burden of showing that cybersecurity does not have a military application alone.  It has an equally extensive non-military application as well.  Much of what we read about cyber warfare has little to do with cyber crime. There is a tendency on the part of the experts to distinguish sharply between the military threat and the threat to law and order.  The distinction is often so sharply made that different agencies are placed in charge of the one and the other, and they hardly relate to each other.    This approach is not always helpful.  It tends to ignore the possibility, or the fact, that many of those involved in cyber wars are also first involved in cyber crime; they could in fact use cyber crime as their training ground for their eventual engagement in cyber wars.  Some authors have established this link among many non-state hackers who were involved in the Georgian and Gaza cyber wars. In cyber warfare, information weapons are used to attack state and military control systems, navigation and communication systems, and other crucial information facilities to create serious military and civil dysfunctions within a state.  In cyber crime, they are used to attack critically important financial services— banking and credit card transactions, insurance, trading, funds management, and other business and consumer activities that are delivered online to various parts of the economy.  It generates untold profits for the cyber criminals with little or no risk at all.  Deterrence is always hard in both cyber war and cyber crime. It is easier to detect attacks in cyber war than it is in cyber crime, but correct attribution, after detection, may be a lot harder in cyber war than it is in cyber crime. 
  25. 25. 25ICT Development and Cyber Security Reader In cyber war, the target knows immediately when it has been attacked; in cyber crime, it sometimes takes a long time before a financial institution realizes that it has been attacked.  For instance, in 2009, the victim of the one of the biggest data breaches in us history, involving 130 million accounts, did not know that hackers had an uninterrupted access to its secure network until five months later.  This was but one of the many cases reported or unreported that year.  In the past six years, according to one online report, US companies have reported 288 other data breaches, which compromised at least 83 million records of private individuals.  The cost to each individual usually runs high.  Such cost is compounded when the sensitive nature of the victim’s business, like that of a bank, prevents it from reporting the breach to the appropriate authorities as soon as it is discovered, or if and when the attacked institution or the appropriate authorities do not have the legal means to swiftly and adequately respond to it.  In one famous case last year, a US senator demanded to know why Citibank took about a month to report a breach affecting his credit card account and that of some 360,000 others in North America.  The damage to the credit card holders was never disclosed, but the senator pointed out that the institution had a fiduciary and business responsibility to notify its customers about the breach, so they could protect themselves. This particular incident prompted calls for stronger legislation requiring breached businesses to notify their affected customers.  Thus far only 45 U.S. States have such breach notification laws. Nothing similar exists in the Philippines. Of all transnational crimes, cyber attacks on financial institutions are said to be yielding the highest financial returns—— higher than those from drugs and arms smuggling, kidnapping for ransom, human trafficking, and others.   And no one has been prosecuted for any of them. These high, risk-free returns are bound to encourage local criminals to exert a much larger influence on the cyberspace underground, just as they have done so in Russia, Japan, Hong Kong, the United States, among others.   This is where the real challenge lies. It is primarily a task for the law enforcers. There is an urgent need to intensify efforts at cyber crime prevention, detection and prosecution.  We need to have the correct and adequate laws to protect our financial systems and institutions and private individuals, but these have to be supported with the appropriate and adequate facilities and manpower. Precisely because modern technology has made the financial services so sensitive and vulnerable to every slight disturbance, we need the best laws and practices to ensure the most reliable means to guarantee public confidence in our monetary system.   The Cybercrime Prevention Act of 2012, which has passed the senate, is a good start, but it barely scratches the surface and is just really a beginning. We need the most
  26. 26. 26 ICT Development and Cyber Security Reader comprehensive cyber security laws to put us ahead of the most determined elements who specialize in cyber crime. We also need to put good money into cybersecurity research, intelligence and analysis, and to collaborate with the private sector whenever government resources are lacking in order to undertake such research and put it into practice for better cybersecurity of the financial services sector.  This is vital to the interest of both the public and private sectors. For this reason, it could be a most suitable project for the public-private sector partnership program of the administration.  Working together, the public and private sectors have an easier way of advancing the state of the art in information technology and cybersecurity through innovations in mathematics, statistics and computer science, the development of measurements and standards for emerging information technologies, and the deployment of I.T. systems that are reliable, interoperable and secure. Together they also stand a better chance of protecting the physical and electronic infrastructure of the financial services sector. These are just some of my thoughts on the subject.  I hope to learn more from the experts at this meeting.    Thank you and good morning. # # #
  27. 27. 27ICT Development and Cyber Security Reader Highlights of the Second Forum on Cyber Security Awareness and Collaboration How Safe Is Your Money?: Rethinking Cyber Security I. Background T he Forum on “How Safe is Your Money?: Rethinking Cyber Security was held at the National Defense College of the Philippines (NDCP) Honor Hall on 27 February 2012 in collaboration with the Office of the Vice President (OVP) and the NDCP Alumni Association, Inc (NDCPAAI). The forum provided a platform for information dissemination and awareness to participants from government agencies, private sector, and the academe. Key persons were invited as speakers to expand security awareness and education as well as ways to improve cybersecurity as a means to protect national security. The objectives of the forum were: 1) to promote awareness and advocacy campaign; 2) to mainstream cybersecurity concerns among various sectors, and 3); to discuss and share best practices in enhancing cybersecurity of various financial institutions. The forum is intended to serve as a platform to discuss and provide awareness and facilitate exchange of knowledge and ideas on current status of cybersecurity in the Philippines and what can be done to address current exigencies that are emerging because of the advancement of technology. In his opening remarks, Vice President Jejomar C Binay said that “there are new situations to deal with” because of the threat to cybersecurity where there is “cyber warfare that poses military risk and threat to law and order.” He emphasized that people who are involved in cyberwarfare must have first committed cybercrimes.” He defined cyberwarfare as activities in the cyberworld that have the potential to cause civil and military dysfunction. Cybercrime, on the other hand, may include attacks (e.g., data breach, disclosure of trade secrets) against financial institutions to generate unlawful profits. Moreover, he highlighted the need for an “accurate attribution to cyberwar and cybercrimes” because more often than not it “takes a long time to ascertain when an institution is attacked.” The lack of related legal foundation in the country has to be addressed because currently there is no legal means to punish perpetrators unlike in the USA where there is a strong legislation for disclosure due to the fiduciary nature of business especially in the financial sector”. It is an issue of paramount importance because, no one has been prosecuted yet though cybercrimes are committed everyday. More importantly, cybersecurity encompasses a much larger influence because it is transnational. Consequently, there is an urgent need to intensify reports on cyber violations, provide enabling laws and practices so that public’s confidence in the monetary system may be regained. The issue of cybersecurity is of vital interests to both private and public sectors; partnership is then necessary to eradicate the cybersecurity threats.
  28. 28. 28 ICT Development and Cyber Security Reader Six experts discussed the current practices in the Philippines regarding cybersecurity, its current status, development of products, and technological advancements today. Session One of the programme focused on the private and public sector perspectives of cybersecurity and how they have coped with the dynamics in the cyberspace. Meanwhile, Session Two focused more on security measures taken by the companies which provide information and communication technology. The summary of the proceedings was done by Attorney Ivan John Enrile Uy, Former Chairman of the Commission on Information and Communications Technology. The forum generally focused on public, private, and public-private initiatives to strengthen cybersecurity with a particular focus on the financial sector. In addition, measures which can be taken by the public to protect themselves amidst the growing technological advances today were also discussed. II. Opening Ceremony Welcome Remarks by Honorable Voltaire T Gazmin Secretary of National Defense (Speech read by Undersecretary Honorio Escueta) Sec. Gazmin focused on the expansion of cybersecurity awareness and education. He appealed to those present to contribute and do their part so that cybersecurity will be strengthened. He emphasized the need for initiatives to improve cybersecurity for protection of national interests and security. Keynote Address by Honorable Jejomar C Binay, MNSA Vice President, Republic of the Philippines and President & Chairman, NDCPAAI Currently, there are no laws in the Philippines which deal with cyberwarfare and cybercrimes. The lack of pertinent laws poses threat to peace and order. He emphasized that valuable information, which is disseminated with the use of technology can possibly cripple civil, military, as well as private institutions involved in the business of banking, financing, and insurance. Considering the dynamics of crimes committed in the cyberspace, Vice President Binay urged the audience to work together to enhance security in the cyberspace. Vice President Binay affirmed that the issue of cybersecurity is of great importance due to transnational nature and more so perpetrators are not easy to pursue. III. Plenary Sessions Session One: Public and Private Sector Relationship and Cybersecurity How Do Banks Secure Information Assets? byManuel Joey A Regala VP, Information Security Dept, Universal Bank President and Member, ISACA Manila Chapter Mr Regala reported how finance institutions set up security measures to protect their client’s money. He stated that banks secure data, in digital form, which are valuable to the organization. He emphasized that assets are confidential. Banks have developed a formidable security module that recognizes that hackers now use improvised cameras that enable them to see a potential victim’s personal identification number (PIN) to cash out the
  29. 29. 29ICT Development and Cyber Security Reader money from their clients. They also have improved their transaction receipts because now, it has marked account numbers to protect their clients. Banks, he said, have improved their security by providing an in depth defense mechanism in layers. This protects data and provides technical assurance that the risk of acquiring technological advancement with making banking easier will be managed. The mechanism includes the physical, host and data security. He underlined that data security goes through the process of encryption, authentication and use of password in every bank transaction. Mr Regala also stated that check and balance is done by the banks in order to meet certain standards and audit requirements set by the internal and external auditors of the Central Bank of the Philippines. Banks have also established security measures that consist of a perimeter network, operating system, application layer and final core. He said that the inner core is the “holy ground” of the security system of banks and that the host hardens the operating system so that hackers won’t be able to penetrate the system and thus, effectively prevents intrusion. The system also protects itself from virus and has audit locks. This allows banks to ensure the safety of their client’s money. Moreover, Mr. Regala emphasized that authentication is vital and that they have encrypted one time passwords, automatic timeout, digital certificates, and tokens to ensure that cyber banking is secure. His recommendation is to promote awareness for cybersecurity to enable human factors, interlinkages, culture, governance and support to come to fruition and strengthen cybersecurity. Cybercrime and How It Affects National Security Rear Admiral Vicente Agdamag, AFP (Ret) Deputy Director General, National Security Council (NSC) Admiral Agdamag’s presentation was about the role of the public sector with regard to cybercrime and the importance of cybersecurity as a national security issue. The first known incident that gave rise to the threat to national security in the Philippines is the “love bug” that damaged over 12 billion dollars worth of computers. There are also insurgences of cyberterrorism activities that attacks computer networks and ultimately destroy infrastructures. He noticed that there is lack of training with regard to cybersecurity that the national security is threatened. There is no information system on how such attacks can be dealt with. Moreover, there is no legal regime upon which cybersecurity measures can easily be distinguished and established. There are still questions on how to acquire jurisdiction and evidence. There is an urgent need to provide for laws that are apt to the current situation and threats to cybersecurity. There is even a development of HB 1246 Anti-cybercrime Act of 2011. It is wise to remember that the policy of the state is to undertake steps towards the enhancement of the Filipino people. Their welfare, protection of sovereignty, and protection of national territory must be taken into consideration. The state must continue to pursue regional cooperation in cybersecurity. In fact, the state has mandated that there should be five (5) groupings, which is divided into political group, diplomatic group, economic group, information group and military group. The political group will be led by Department of Interior and Local Government; the diplomatic group, by the Department of Foreign Affairs; the economic group, by the National Economic Development Authority; the information group, by the Communications department by the Office of the President; and the military, by the Department of National Defense. He
  30. 30. 30 ICT Development and Cyber Security Reader stated that the way forward is through information exchange, emergency response, research activities, and continuing efforts to combat threats to cybersecurity. Open Forum (facilitated by Atty. Ivan John Enrile Uy) Mr. John Ruero ISACA, ISA, and Philippine Society of IT Educators member commented that the academic sector was not represented in the presentation of the public sector. Admiral Agdamag, said that there is an assessment card where they are pushing for manpower development and human resources. The factors that were taken into consideration were legislation, budget, infrastructure, and equipment. Nathaniel Marquez of RC 46 asked if the government has come up with a national policy regarding information and types of information that needs protecting. Admiral Agdamag affirmed the need of this kind of policy not only as data management but also to increase awareness because information is now used as weapons to destabilize national security. However, he said that as of now such policies are just being developed. DOJ Response to the Challenge of Cybercrime ASec Geronimo L. Sy, Planning and Management Service, Department of Justice ASec Sy talked about the DOJ Response to the Challenge of Cybercrime. He talked about how cybersecurity is an encompassing concept where cybercrime is only a part of it. He thought that Senate and House Bills should include criminal reforms on crimes committed in the virtual world and should not be left to the information and technology committee. He also talked about the legal and technical competency of members of the proposed committee to ensure that laws meet global requirements. Moreover, he tackled the issue as to how laws should enumerate and distinguish each of the cybercrimes punishable under our law so that the DOJ can validly respond and propose a change in the Rules of Court to admit a procedure for cybersecurity violations. Open Forum Drexx Laggui a computer forensic expert posed the question as to when one should stop electronic discovery and what are the existing guidelines and limitations. ASec Sy answered that in Brussels, Belgium it takes 3-6 months for forensic investigation and at present, it is still a global problem that needs to be addressed. There has to be changes with the Rules of Court regarding procedure and at the moment, the DOJ is training prosecutors ready to try cyber cases. Ms. Cristina Exmundo, MNSA RC 47 student, said there are international laws that regulate war. She asked if it was also the case for cyberwarfare. ASec Sy shared that in the United States there is a scale that could amount to cyberwarfare. In the Philippines, the law is still in the development phase. General Ozeta posed the question as to what is the government policy on information and who is the manager of such information. ASec Sy answered that the DICT bill intends to give focus on the information anchor. He also said that the government is generating information for knowledge and guidelines. Although the DBM has the power of purse, there should still be check and balance with regard to the budget allocated for cybersecurity measures. LtCol. Roxas of Naval Plans Office asked whether the information warfare capability as a hacker and as a deception device can be
  31. 31. 31ICT Development and Cyber Security Reader used in the military. ASec Sy answered that there is a multiple track approach and that there is no such policy yet because focus is more on physical equipment for the military. He also said that information policy should be relative to the national security policy so that it could be used as input into national defense. Dr. Lemuel Braña, UP Professor and advocate of information security identified specific problems, which are coordination and management and lack of standard to protect gateways or websites. ASec Sy agreed and said that the problem is human agency and there are vulnerabilities in the concept of cybersecurity which pose the question as to who is going to do it. Dir. Nebuchadnezzar S. Alejandrino, Chief, DIMO asked Mr Regala to rate the status of cybersecurity in the Philippines. Mr Regala, said that he agreed with ASec Sy that we are in the low level. However we are using “stealth technology” which is in a defensive mode and he considers this a great start for cybersecurity. Dir. Alejandrino asked ASec. Sy as to his legal standpoint on the need for a homeland security agency. ASec. Sy answered both yes and no. He said yes because there is a need for a coordination but he also said no because we do not need another super agency. He said that what we need is a “web approach” which is resilient for technological problems. He was asked if there are plans for homeland security; he said there is no DICT yet. Dir Alejandrino asked Vice President Binay for policies to address the issue of foreign countries training students to hack. The Vice President said there is no need to put a special body to do task like that; what needs to be addressed first is coordination to facilitate collaborative, multi-agency effort. The coordinating officials must have moral ascendancy. Lieutenant Feliciano shared that after training the police to highly technical experts they are tempted with more lucrative jobs in the private sector. In connection, he asked what the government current retention plans are. ASEC Sy answered that the qualification standards of Civil Service Law should be abolished since it has been promulgated in the 1960s and no longer covers jobs, which involves technology. He said that there should be results based governance. Mr Dan Crisologo, a former head of Cybersecurity of NBI, and is currently a member of the ICTO shared that the government has allotted one (1) billion pesos for cybersecurity to implement Executive Order 47. Session Two: Technical Specifications in Ensuring Cybersecurity in Gadgets and Operating Systems iOS Security, John Andrew Lizardo, Training Supervisor and Professional Business Unit Apple (PowerMac Center) Session Two focused more on the technicalities of how security measures have been undertaken by various companies to adapt to the concept of cybersecurity. The first presentor was Mr. Lizardo, which focused on the security features of the iPhone Operating System or iOS. The Layered security of iOs covers device security, data security, networking security and application security. In device security, the operating system has passcode, policies, and device restrictions. Passcode policies require passcode on device, allow simple value, require alphanumeric value, minimum passcode length, minimum number of complex characters and minimum passcode age.
  32. 32. 32 ICT Development and Cyber Security Reader Furthermore, a 256-bit AES hardware protection is always on all data. In data protection, there is a five-level encryption and mail and third party application. With regard to network security, encrypted network traffic, strong authentication, and end-to-end encryption in Message and Facetime. Application Security includes mandatory application signing, sandbox applications, encrypted keychain, security framework for development and managed application via Mobile Device Management (MDM). The MDM capabilities are to install and remove configuration policies, query devices, manage application, remote wipe and lock and clear passcode. However, in order to utilize the MDM, the user should be enrolled to it. If the user has already enrolled to MDM, he can perform authentication, certificate enrollment and device configuration. IT Security Best Practices for Windows Platform Freddy Tan, Cyber Security Strategist, Microsoft Asia Mr. Tan’s presentation started with addressing the question on who holds the responsibility and accountability in cybersecurity which is very important. He said that Filipinos are adapting Information Technology (IT) and that is a good sign. However, the country ranked 85 in 2010 and 86 in 2011 in Network Readiness. The ranking implies that the Philippines is not equipped in terms of networking. He mentioned that cyberwar, sabotage and political change are the threats in cyberspace. He also stated that a malware program like Stuxnet, a computer worm, is commonly used as a weapon to destroy the system. With respect to Microsoft security, he admitted that there are wide operating systems (OS), browsers and applications vulnerabilities and that Windows XP is the most infected OS. Therefore, if the user wants security, he should discontinue using XP and update the machine or the OS. He recommended that users have to buy the Windows 7- 64 bit if they want security. He opined that a well-managed secure infrastructure is the key and there should be a standard operating environment such as the US Airforce Standard desktop. Microsoft has rights management services, which include bit locker, network access protection, etc. Android Security Charo Nuguid, Java and Android Training and Development Consultant Co-Founder, MobileMonday Manila The presentation focused on Android Security Model, user behavior vs. permissions and best practices. The security features of Android are as follows: 1) Security at OS level through linux kernel; 2) Mandatory application sandbox for all applications; 3) Secure interprocess communication; 4) Application signing and; 5) Application-defined and user- granted permissions. It was discussed that Application Program Interface (API) may only be accessed by explicitly declaring permission. Based on a survey they conducted, 17% looked at permissions before installing and 56.7% do not install because of permissions. The survey wanted to show that an application security is still dependent to the user. The best practices to secure the files are: 1) Use Android SDK instead of native code; 2) users should only ask for needed permission; 3) do not load code from outside the application; and 4) use authorization tokens instead of storing usernames and passwords. Data storage was also discussed. Data storage is divided into internal storage and external storage. In internal storage, files created are only accessible by the application that
  33. 33. 33ICT Development and Cyber Security Reader created it and local files may be encrypted as additional security for sensitive data. On the other hand, files created on the external storage are globally accessible and readable. In addition, data storage by content providers provides a structured storage mechanism that can be limited to the applications or exported to allow access by other applications and it is exported for use by other applications by default. Open Forum When if there are any efforts on the part of the providers to make settings understandable for them, Mr Tan answered that there are two sides of the coin— if a person is not technical and they experienced technical errors, they should look for people who had experienced the same error and let them fix it. If a person is technical, on the other hand, they do it themselves because they understand it and can configure it on their own. Mr Lizardo answered the question by saying that there is online support i.e., www. where it is a knowledge base forum for all apple users to find the best practices in configuring apple devices. Ms Nuguid on the other hand said that everyone can access wifi and the network – these facts are known to the developer. However, there are still definitions or descriptions that are not for everyone to understand. What one can do is to tell their contacts at Google that everyone has a problem with this configuration and that there is an error. This error is due to the fault of the developer and it is the obligation of users to let the developers know so that they can be conscientious enough to know what could happen and what the user could do. Dir Alejandrino asked Ms Nuguid if she would recommend android for military usage. Ms Nuguid answered that it is good enough for military usage and that security depends on the user because the user should be conscientious enough to notice that there are applications which access data that it shouldn’t be accessing. Security, ultimately, depends on the person holding the device. Dir. Alejandrino further asked if it could do telepresence (video conferencing). Ms Nuguid answered that it depends on the device you are using if it supports such applications. Usually such devices that support telepresence are ones that comes with two cameras. Dr. Diaz of MNSA Class 47 asked the speakers to expound on standardizing the operating system. Mr Tan answered that it is due to the Standardization of Global Policies or GPO. There is already a password, which is a form of configuration of the machine. It is also up to the user to install applications or to change firewall settings. The concept of standardization, which the US government is planning to publish, is being able to manage all types of desktop regardless of its type. Eugene Galang, ICTO, NDCP, asked if the companies they are representing ask help from ethical hackers to test newly developed systems before launching them. Ms Nuguid said that ethical hackers are those who get in the system, would tell the company what they should have done but they do not get paid. Usually ethical hackers remain anonymous. Unlike in the company of Oracle, they employ really good hackers to test their system. Mr Lizardo said that in Mac they have a developer system, which functions as a community where they sample codes for an operating system and then they give feedback. They test out compatibility issues and try new applications. This minimizes the attack that no such hacking would be done so long as one registers as a developer with them. Mr Tan said that there was a time when Bill Gates sent his employees back to school so that there would be
  34. 34. 34 ICT Development and Cyber Security Reader a security development project team. This enabled Microsoft to stay on top of its game. One participant asked, if the rival companies know the strength and weakness of each other and if they help each other to improve themselves? Ms Nuguid confirmed this but clarified that it is in an indirect manner because they get tips from the others through latest platforms each one launch. Mr Lizardo said that, Apple has provided others with tips. For example in 2006, there were a lot of improvements such as permissions and there were heads up from competitor companies. It has been Apple’s vision to have a peaceful co- relation with them. Mr Tan provided that programs provide information to other technical communities and that there is an MSDR, which is a research to disclose third party software to other companies. A participant further commented that they all share same information, same vulnerability and so everyone could address it. Summary Atty Ivan John Enrile Uy, Former Chairman, Commission on Information and Communications Technology (CICT) Atty Uy said that there should be collaboration from both public and private sectors to ensure that national security through cyberspace would be protected. As his last parting words before he gave the floor to Dr De Leon for his closing remarks, he said that it is everybody’s duty to uphold and spread awareness for cybersecurity because we all share cyberspace as an information highway and therefore, we all have a stake at keeping it safe. IV. Closing Ceremony Concluding Remarks Fermin R de Leon Jr PhD, MNSA, President, NDCP Dr De Leon thanked Vice President Jejomar C Binay for the unrelenting support to the growing concern regarding cybersecurity. It is indeed important to know how to keep our money safe because we have worked hard for it. It is our endeavor to disseminate information to ensure cybersecurity so that there would be no cyberwarfare and cybercrimes. Everybody is involved in this because it is an issue that involves national security. Therefore, there should be cooperation and collaboration among public and private sectors to ensure that the threats would be addressed and ultimately, perpetrators would be held accountable. Moreover, he said that cyberspace is common to everyone and affects everyone because there is already a holistic view on national security and therefore, these information and assets vital to the national interests must be protected. Dr De Leon hoped that the forum enabled the participants to have new insight and knowledge that will allow them to disseminate information and awareness to confront the challenges posed by cybersecurity issues. # # #
  35. 35. 35ICT Development and Cyber Security Reader Seminar-Workshop on Cybersecurity 6-8, 11 June 2012 Honor Hall, NDCP, Camp General Emilio Aguinaldo, Quezon City “Towards Information, Communication and Technology Development (ICTD) and Cybersecurity Enhancement”
  36. 36. 36 ICT Development and Cyber Security Reader Opening Remarks ICT Development and Cybersecurity Enhancement USec Benjamin E Martinez Jr. Chief of Staff, Office of the Vice President Remarks delivered during the Opening Ceremony of the Seminar-Workshop Towards Information and Communications Technology Development and Cybersecurity Enhancement held on 6-8, 11 June 2012 at the Honor Hall, NDCP, Camp General Emilio Aguinaldo, Quezon City. _______________________________________________________________________________ D r. Fermin R De Leon, Jr, President of NDCP, RAdmiral Roberto Estioko, Executive Vice President of the NDCP Alumni Association, Inc., distinguished speakers, participants to this seminar-workshop, guests, participants, ladies and gentlemen, a pleasant good morning. It is both an honor and a privilege to be with you today, as we open our, “ICT development and Cyber security enhancement” workshop. For the next three days, Subject Matter Experts shall provide us a wide spectrum of the cyber infrastructure enhancement and threats, from global crimes, terrorism, forensics, to its implications to our office and country. I advise you, to open your minds, solicit questions, proactively participate, and I assure you, you will gain enough, if not exceedingly. This venue, I believe, is most apt for us, as stakeholders, to come together and address the enduring problem we face. As our country continues to rely on technology, we have become no stranger to cyber crimes and cyber activism. We must recognize that our infrastructures and processes are now heavily dependent on Information, Communication Technology (ICT) specifically the internet; hence, we are vulnerable to threats as well. In our region, just April this year, during the height of the Scarborough Shoal standoff between the Philippines and China, the University of the Philippine’s portal was defaced which left a map of China on the main page. In retaliation, some suspected Filipino hackers strike back by also defacing Chinese websites. In the end, the incident left little room for prompt, amicable, and diplomatic agreement and eventually, only intensified the tension between the two states. The borderless arena of innovation has become a key player in developing multilateral ties and diplomatic relations among nations. In the business sector, with the high growth of the business process outsourcing (BPO) industry and its gross economic contribution to the country, securing the ICT infrastructure is most crucial. Potential cyber attacks are rendered detrimental to the business continuity of BPO operations. Our BPO establishments’ resilience to cyber attacks
  37. 37. 37ICT Development and Cyber Security Reader or lack thereof, shall project what image our customers and competitors in the global market will see. Also, let us not forget our ethical and moral standards against cyber prostitution. Though millions or billions of dollars may be lost through cyber attacks, and denial-of- service attacks, the emotional and psychological damage cyber prostitution can have on people far exceeds such monetary damages. The internet and the cyberspace must always be treated with utmost care and diligence; we must protect it to protect our people. It is with this, that collaboration and cooperation between private and government stakeholders in reinforcing our cyber security threshold becomes our prime goal. There may still be much work cut out for us, to become a technological powerhouse. Yes, we may be constrained by financial adequacies. But more than that, we need to answer questions like-- what should be our National Vision on ICT and Cybersecurity? Where we are now on ICT development and Cybersecurity? What can be done now or what are the necessary first steps to be done? I don’t have all the answers to these few questions. But the fact remains that for as long as we are here today and for the next few days, our adaptability and love for technology compel us to contribute to this national and global effort in fighting cybercrimes, strengthening cybersecurity, and enhancing our information and communication technology. We can only effectively push forward and strengthen our cyber environment through coordination and collaboration among all stakeholders. Rest-assured, our efforts will bring us far. Maraming salamat at mabuhay! # # #
  38. 38. 38 ICT Development and Cyber Security Reader Highlights of the Seminar-Workshop on Cyber Security Towards Information, Communication and Technology (ICT) Development and Cybersecurity Enhancement ____________________________________________________________________________________________________________________________________ I. Background The National Defense College of the Philippines (NDCP), in partnership with the Office of the Vice President (OVP) and the NDCP Alumni Association Inc (NDCPAAI) conducted a seminar-workshop entitled “Seminar Towards Information and Communications Technology (ICT) Development and Cybersecurity Enhancement” held on 6-8 and 11 June 2012, 8:00AM- 5:00PM, at the NDCP Honor Hall, Camp Gen Emilio Aguinaldo, Quezon City. The four-day seminar, designed for executives and senior managers in the government and private sector, and senior military and police officers, aims to provide participants with a comprehensive understanding of cybersecurity from management to technology aspect. Intended for 60 participants, the seminar is rigorous, dynamic and interactive utilizing a combination of classroom-based lectures and learning events. Leading experts and practitioners from the industry were invited to speak including Dr Stephen Cutler of the Official Global Control Corporation, Mr Angel Averia and Mr Alberto Dela Cruz of the Philippine Computer Emergency Response Team (PhCERT),  Dr Lorenzo Clavejo of the National Security Council, Mr Simoun Ung of the Philippine Veterans Bank (PVB) Card Corp, SI-III Joey Narciso of the National Bureau of Investigation (NBI), Dir Raymond Estioko of the Bangko Sentral ng Pilipinas (BSP), Mr John Abraham Ruero of the Information System Security Association (ISSA)– Manila Chapter, Ms Janette Toral of the Philippine Internet Commerce Society and PCInsp Felizardo Eubra of the Philippine National Police (PP). A total of 65 participants from various government agencies and private companies participated in the said seminar. Among the agencies represented include the Armed Forces of the Philippines (AFP), Philippine National Police (PNP), Commission on Elections (COMELEC), Department of Environment and Natural Resources (DENR), Senate of the Philippines, National Security Council, Department of Health (DOH), Metro Manila Development Authority (MMDA), Department of Science and Technology (DOST), Department of Tourism (DOT), Department of Trade and Industry (DTI), Office of the President (OP), Department of Interior and Local Government (DILG), Bangko Sentral ng Pilipinas (BSP), Office of the Vice President (OVP), Philippine Public Safety College (PPSC), Department of Energy (DOE) and the Department of National Defense (DND). Furthermore, private companies and international organizations represented include De La Salle University (DLSU), International Organization of Migration (IOM), Zperia and Asian Institute of Management (AIM).
  39. 39. 39ICT Development and Cyber Security Reader II. Plenary Sessions Day 1: June 6, 2012 Session One: Cyber War and Cyber Terrorism, Stephen P. Cutler PhD Cyberspace as defined by the speaker, a global domain within the information environment consisting of the interdependent network of information technology infrastructures, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers. Today, our nation faces an evolving array of cyber-based threats arising from a variety of sources. These threats can be classified as intentional and unintentional. Intentional threats are those attacks which come from different sources such as hackers, criminal groups, and terrorists. However, unintentional attacks are those caused inadvertently by the disrupt system such as defective equipment and system upgrades. Thus, securing one’s nation against these evolving cyber-based threats depends entirely on the enhancement of national security and national defense strategy. The growing trend of cybersecurity is leading towards the increase of diverse criminal elements. These are the spamming, identity theft, dispersal of virus/worms, several types of fraud schemes, attacks on servers/systems and the like. Hence, the speaker clearly emphasized on the use of cyber space as a tool to commit crimes. This kind of threat continues to emerge and is rapidly changing. Given the situation occurring now, the nation should double its efforts in combating the continuous transmission of malevolent attacks in the cyberspace. In order for a nation to succeed and prevent the disaster that cybersecurity imposes, the speaker proposes that it should begin with a competitive plan for recovery, clear policies, strong foundation of leadership, diplomatic and economic efforts, strong and solid alliances and cooperation among the government, military and the private sector. Session Two: Philippine Cybersecurity: General Situation Angel Averia Jr. Cyberspace and the internet are interrelated. The speaker has shown a conceptual view of the cyberspace ecosystem divided into 5 categories: geographical location, people/ users, internet identities, IP addresses, and networks. Business relations and social interaction increase rapidly with the use of the internet as a tool to communicate. This new trend that the cyberspace executes leads us to a new global culture, which, on the other note brings harm and increase in the volume of sophistication of malevolent attacks. At present, the Philippine ICT is continuously enhancing its defense against cybersecurity. It has adopted several transformations such as migration to cloud services, increase in the use of social networks, rise of mobile devices and active internet exchanges operated by Telcos. But alongside with these changes, the country is vulnerable to cyber- attacks as discussed by Mr. Averia. He has presented several recorded incidents of identity thefts, hacking, scamming, harassment, estafa/fraud extortion, pornography and web defacement attacks from 2011 up to present. Furthermore, he also discussed the recently cyber-attacks in the Philippine government websites.