30,000 vulnerabilities found in 2,002 gov’t files–DICT
Some government agencies remain at risk of cyberattacks even after others suffered massive data breaches in the past months, the Department of Information and Communication Technology (DICT) said, as it struggles to mitigate such attacks due to lack of funding and personnel, and even the unresponsiveness of agencies to safety checks.During a House hearing by the committee on information and communication technology on Tuesday, DICT Undersecretary Jeffrey Uy told lawmakers that since December 2023, they have discovered over 30,000 vulnerabilities in at least 2,002 government digital assets.
At the same time, as of April 2024, the agency was able to preempt over 800 attempts to hack government agencies, which were then classified based on how critical the attacks were.
Based on their assessment, the top 10 agencies that were most at risk for critical incidents were the Department of Health, DICT, Department of Transportation, National Economic Development Authority, Philippine National Police, Department of Environment and Natural Resources, Philippine Economic Zone Authority, Civil Service Commission, Office of the President, and Department of Science and Technology.
Response to cyberattacksUy did not explain why these agencies were the most vulnerable, but many of their websites hold public records pertaining to critical infrastructure, government projects and personnel records.
These findings were discovered through DICT’s Project Sonar (Secure Online Network Assessment and Response), which it implemented last year in response to the series of cyberattacks against government agencies, including the House of Representatives. INQ