Solon flags cybersecurity risks to financial institutions
RAISING urgent concerns over looming cybersecurity threats, a lawmaker stressed the need to “tackle preemptively” the factors that could heighten risks to financial institutions and public utilities in the wake of the hacking spree targeting government institutions.
A statement quoted Senator Sherwin T. Gatchalian as saying the incidents of hacking appears to be “organized.” Gatchalian added, in Filipino, that the incidents of hacking seems not a coincidence.
“Pero ang tingin ko posibleng umpisa lang ito ng mga makikita pa nating mga problema,” said the lawmaker. [But I think it’s possible that this is just the beginning of the problems we will encounter.]
He aired concerns that “certain institutions including banks and public utilities and critical services such as airports, water distribution, and power transmission lines are at risks if they are caught off-guard.”
The senator stressed the need to promptly address the issue, warning that “nakikita dito na hindi talaga tayo ready.” [This shows the government is unprepared.]
“We need to act right away. This is a clear and present danger that we need to address right now,” Gatchalian added.
The solon cited that there is a “series of cybersecurity attacks against government agencies, which hold crucial databases.” He listed these as the Philippine Statistics Authority (PSA), the Philippine Health Insurance Corp. (Philhealth) and the House of Representatives.
Gatchalian said these attacks “underscore the government’s lack of readiness to fend off such cybersecurity attacks.”
Moreover, the senator recalled that even the Department of Information and Communications Technology (DICT) “has admitted that the government is ill-prepared” for such incidents.
Gatchalian earlier said he favors providing DICT with confidential funds to help enhance the agency’s capability to help shield the country from cybersecurity attacks.
He added, speaking partly in Filipino, that “this is a concerted effort. They are deliberately attacking and testing the government’s capability. We should be concerned that this could get worse.”
At the same time, the senator reiterated his proposed legislation designed to strengthen the cybersecurity capabilities of organizations in the country.
“Specifically, the proposed measure will require organizations to have their own cybersecurity officers and develop cybersecurity plans.”
As filed, he noted that Senate Bill 2066 (Critical Information Infrastructure Protection Act) mandates all covered critical information institutions to adopt and implement adequate measures to protect their ICT systems and infrastructures and respond to and recover from any information security incident.