Chinese APT behind cyberattacks on PH Coast Guard – DICT official
'The tactics, techniques and procedures, which mean the behavior of the attacker is very, very similar to APT41 which is a Chinese group,' says DICT Undersecretary Jeffrey Ian Dy
MANILA, Philippines – A Chinese advanced persistent threat (APT) is behind the cyberattacks on the online sites of the Philippine Coast Guard, a Department of Information and Communications Technology (DICT) official said on Wednesday, June 26.
A Presidential Communications Office (PCO) press statement quoted DICT Undersecretary Jeffrey Ian Dy saying this in an ambush interview in Malacañang on Wednesday.
“The tactics, techniques and procedures, which mean the behavior of the attacker is very, very similar to APT41 which is a Chinese group,” he was quoted as saying
Dy said that the DICT bared this earlier in a meeting with various government agencies.
“DICT has been very transparent…because we believe that the only way we can fight…to strengthen our cybersecurity is to increase our visibility on gray zone operations. Kasi gray ito (Because this is gray). I mean they are operating in the dark,” Dy said.
He added that there have been previous reports from the United States as well as media reports from other countries “that Chinese actors are actively acting on certain government’s online site.”
Dy clarified, however, that the group behind the cyberattack is not the Chinese government.
“Let me clarify. I never said it’s the Chinese government. I’m just saying it’s a Chinese APT. Magkaiba iyon (That’s different),” Dy said.
The DICT official made the statement amid souring relations between the Philippines and China over the West Philippine Sea. The Philippines just filed a protest over China’s disruption of a June 17 resupply mission to a military outpost in the West Philippine Sea.
APTs work quietly on long-term cyberespionage campaigns to acquire data on targets of interest.
“APT groups typically have various objectives when they attack a nation. These objectives often align with the strategic needs of the government that sponsors them,” the PCO said in its press statement.
In 2016, network security firm FireEye said that Philippine organizations were twice as likely to face an advanced cyberattack compared to the worldwide average.
In 2021, Russian cybersecurity firm Kaspersky said it had discovered “a rare, widescale advanced persistent threat (APT) campaign against users in Southeast Asia, most notably Myanmar and the Philippines.” – Rappler.com