Posts

Cybersecurity reliance on US leads to PH insecurity

By Jezrel V. Curambao

On September 17 and 18, a series of terrorist attacks in Lebanon targeted various kinds of communication equipment, including devices such as pagers and walkie-talkies, resulting in multiple explosions. The blasts have reportedly killed at least 37 people, including two children, and injured 3400 people in Lebanon alone, leaving many with permanent disabilities… ” Volker Türk, United Nations High Commissioner for Human Rights delivered at UN Security Council on Sept 20.

“There must be an independent, thorough and transparent investigation as to the circumstances of these mass explosions, and those who ordered and carried out such an attack must be held to account,” Türk added.

[Global media reports indicate it was the Israeli Defense Force (IDF) that carried out the attacks that targeted the Hezbollah command structure.—Ed.]

Currently, there are two widely discussed explanations for the explosions. The first suggests that explosive materials were implanted in the communication devices. The second posits that cyberattacks caused the batteries to overheat, leading to the explosions. Both scenarios have frightening implications for the Philippines.

Incidents of large-scale indiscriminate attacks using civilian electronic equipment have raised concerns about overall security. As a country that has seen terrorism within our shores, we feel the pain keenly. It makes us recall, for example, the bombing of the gymnasium of Mindanao State University in December 2023 that killed four people and wounded several others. It would not far-fetched to assume the equipment blasts in Lebanon may be adopted in the Philippines by those who have the means to acquire such sinister technology.

The Philippines isn’t isolated in emergent types of cyberattacks as we are digitally connected to the world. The Microsoft “Blue Screen” incident in July, while it started in Australia, led to a nationwide computer outage, significantly impacting the operations of various institutions, including governments, banks, and airlines, as well as disrupting the daily lives of citizens. Such events highlight the vulnerabilities associated with security issues in the Internet age. The network has become a critical infrastructure in modern society, and when cybersecurity is threatened, it can affect many the Philippines in various ways.

Our country has relatively weak independent research and development capabilities of cybersecurity. Most of the equipment, technology, and network systems used by individuals, the government, and the military are sourced from abroad, specially the U.S. and even China. There were reports that the Philippine security sector also source intelligence and military software from the IDF.

 This reliance from external forces creates vulnerabilities because equipment and technology are protected in a singular way, leading to a weak comprehensive prevention capability. The ongoing cybersecurity cooperation between the PH and the U.S. will further deepen our dependence on the U.S. and strengthen its control over our cybersecurity systems.

Image by Pungu X/Shutterstock

The U.S. has offered four avenues for cooperation in this area. The first involves supplying cybersecurity equipment, systems, and software and American network platforms are available for government use. The second involves providing safety technology and corresponding training. U.S. provides targeted technical assistance in telecommunications and radio communications, core network infrastructure, submarine cables and other areas, and provides security training for our officials and technical staff. The third one involves conducting “security checks” on government network system. U.S. deploys devices in our government network systems to conduct a thorough reconnaissance checking for malware in the system. The last one involves leading our government to cooperate with U.S. security company. The U.S. government recommends us to engagement with U.S. security companies to discuss cooperation.

The above assistance seems to help improve our cybersecurity capabilities but, in fact, our cybersecurity will be deeply controlled by the U.S. and will bring us greater security risks. To mention first, U.S. can obtain our data through equipment and systems. We use the platform and equipment provided by the U.S., so the network traffic must pass through the American gateway. And U.S. is fully capable of decrypting the traffic to obtain all the information data, such as military intelligence, government confidential data, personal privacy, and others. If the U.S. gains control over our national cybersecurity system, it will have significant authority over our military deployments and confidential operations, which poses serious safety risks. Additionally, the explosion of communication equipment in Lebanon serves as a stark warning. Should the U.S. monitor our network equipment, it could jeopardize the safety of both citizens and government officials by facilitating cyberattacks that result in catastrophic equipment failures and explosions.

Moreover, our national protective measures are inadequate compared to those of the U.S. and its enemies such as China. The U.S. supplies network security technology and training for our personnel, which enables them to gain insight into the current state of our security technologies during the process of communication and guidance. Consequently, this means that the U.S. is well-informed about our cybersecurity capabilities, undermining the effectiveness of our network protection efforts. Ultimately, our security measures may be little more than a false set.

In addition, the U.S. will acquire a comprehensive understanding of cybersecurity trends within our systems. The U.S. deploys equipment within our government Intranet infrastructure to analyze and monitor malware by intercepting Intranet traffic. This approach not only allows for the collection of malware information but also provides access to various types of data from all Intranet users. Once the U.S. gains access to our Intranet, it effectively leaves a “backdoor” for long-term monitoring, which equates to relinquishing significant Intranet privileges to the U.S. Moreover, in recent years, the U.S. has faced numerous revelations regarding its Intranet surveillance activities, including the “PRISM” project, which has been tracking online actions and user information abroad for many years.

Last but not least, U.S. companies work with U.S. government to monitor equipment. Similar to the principle of Microsoft’s “Blue Screen,” security companies have extremely high levels of authority. American companies can completely control the computers or other devices that contain the security software directly by updating software. In 2023, the Director of the FBI stated at the “mWISE Cybersecurity Conference” that private enterprises engaged in security cooperation with law enforcement may have their equipment data, which includes software information, accessible to the U.S. government. And the U.S. government has the capability to conduct network intrusions using software that can directly compromise a device’s battery system, potentially causing it to explode. This raises concerns about the expanding scope of governmental influence in cybersecurity practices.

Image by SolarSeven/iStock

In the Philippine government’s bid to protect the country from cyberattacks from the likes of China, relying on strengthened cybersecurity cooperation with the U.S. to enhance our cybersecurity infrastructure is questionable, as it may deepen our dependence on the U.S. Through control of operating systems, electronic devices, and security software, the U.S. could access our sensitive data, raising concerns about our data sovereignty and security. If we don’t comply with U.S., they will sanction and control us through systems and devices, human-operate computer downtime, or conduct a cyberattack that cause the battery to explode, and the consequence would be unthinkable.

We must enhance the autonomy and independence of our cybersecurity efforts by fostering the growth of national network technology companies and advancing technological development. This involves reducing our reliance on foreign technology in critical areas and bolstering the resilience of our essential infrastructure against potential risks. We should apply diversified systems, technologies and software to avoid the systemic risks of a single technical path, and also develop contingency plans to prevent the development of national cybersecurity from being at the mercy of the U.S. #

= = = = = =

This is a contributed article. Analyses and views expressed by the author are his.