DOST, Army asked to clarify alleged links to cyberattacks


Posted at Jun 30 2021 05:16 PM

MANILA - Days after linking government agencies to cyberattacks against 2 online alternative news websites, a Sweden-based digital forensics group said several of its questions remain unanswered despite the agencies’ denial of involvement in these incidents. 

Qurium, a Swedish registered non-for-profit foundation, earlier said that from May-June it received brief but frequent distributed denial of service (DDOS) attacks against the media outlets, as well as, the website of human rights group Karapatan. 

A DDOS attack aims to crash or severely slow down a website so that users can't access it.

The news outlets and human rights group were previously tagged by government officials as fronts for the Communist Party of the Philippines and the New People’s Army. 

One of the attacks was traced to a machine with an IP address from the Department of Science and Technology (DOST), while another attack was traced to a machine using an IP address from the Philippine Army. 

Both the DOST and the military quickly denied links to the cyberattacks. 

The DOST said the IP address tracked to the DOST “does not translate to the Department’s involvement in the matter." 

IP addresses come from the Asia Pacific Network Information Centre (APNIC), the regional registry that distributes and manages these in the Asia Pacific region. These addresses were registered with the DOST because it was the Department that received them, the DOST explained. These IP addresses have already been distributed to other government agencies, DOST added.

The Philippine Army, meanwhile, said it "respects" freedom of expression and will “look into” these attacks. 

Despite these explanations and assurances, Qurium said the government has yet to explain which organization or institution operates behind one of the IP addresses mentioned in the report, namely "202.90.137{.}42".

Qurium also asked: “Why such organization and their Abuse Handling details are not properly reflected in the APNIC Whois Database or any other public resource to speed up “Network Abuse” resolution?” 

Finally, the digital forensics group also asked about an email address that appeared to be from the military, which figured in the cyberattacks.

“Who is” 

Last year, Facebook took down several pages and accounts linked to the military for violating its community standards.


Watch more on iWantTFC