PH-China hacker wars may affect banks, telcos

by Dharel Placido,

Posted at Apr 23 2012 04:36 PM | Updated as of Apr 24 2012 04:52 AM

MANILA, Philippines (UPDATE 1) – An IT expert on Monday said critical services relying on the Internet may suffer from the escalating tension between alleged computer hackers from China and the Philippines.

Ivan John Uy, former chairman of the defunct Commission on Information and Communication Technology (CICT), said critical services like banking and telecommunications may suffer in case the cyber war between alleged hackers from China and the Philippines continues.

“They (alleged Chinese hackers) can retaliate, and they can attack critical infrastructures, such as those of financial institutions, telecommunications facilities, ATM network,” Uy said.

The University of the Philippines website was defaced by alleged Chinese hackers last Friday. They defaced the website with a map showing China’s 9-dash line theory, the position taken by China in its claim over the entire South China Sea.

The hacking of the UP website was carried out amid the standoff between the two countries near a portion of the disputed seas known internationally as the Scarborough Shoal.

Alleged Pinoy hackers then struck back over the weekend, defacing several Chinese websites on Saturday.

Tracing hackers

Uy said the origin country of a hacker can be identified through his Internet Protocol address (IP address).

He said information that reached him indicated that those who hacked the UP website were from China.

He, however, noted that hackers are also capable of obtaining fake IP addresses, keeping their location untraceable.

“It could be instigated by a third country,” Uy said.

He also noted that Chinese government had become a subject of international criticism for supposedly funding hackers for cyber espionage.

UP won't identify country of origin of hackers

Meanwhile, UP President Alfredo E. Pascual denounced Monday the hacker or hackers for defacing the UP System website last Friday with a politically charged message on the territorial dispute between the Philippines and China.

In a statement, Pascual said the April 20 incident deprived the public of vital information related to UP "especially the schedule of commencement exercises in the nine UP campuses and the April issue of the UP Newsletter which was uploaded only last 17 April."

He denied that private data was stolen during the incident. "The UP constituents' data contained in the computerized registration system, WebMail and others were not compromised," he said.

He said a report from the University Computer Center  said "the hacker or hackers exploited a vulnerability of, and added unwarranted content to, the website at around 2:20 a.m. on 20 April."

"The UCC technical team became aware of the situation at around 4:50 a.m. and responded immediately by closing all access to the web server," he said.

The UP president said that while UCC has been able to trace the IP address of the perpetrator, it will not identify the country of origin because IP addresses can be masked. It also noted that hackers can compromise a machine from that location to deface the UP System website.

UP appealed to the public to avoid jumping to conclusions and taking action that could further inflame people's sentiments, particularly on the territorial dispute between the Philippines and China.

"Hacking selected websites at the suspected country of the hacker or hackers does not objectively articulate any political issue and only subjectively fulfills a personal desire to 'get even'. Giving the perceived 'enemies' a dose of their own medicine by hacking their alleged country's websites achieves nothing but unproductive counter-actions," it said.