ASEAN countries should learn from the Philippines’ massive election data leak
THE massive data hack that took place before the Philippines’ national election has raised security concerns in the region, especially among malware-prone member countries of the Association of Southeast Asian Nations (ASEAN).
The colossal personal data leak involving 55 million registered voters in April had threatened to paralyze the polls, prompting the country’s Commission on Elections (Comelec) to engage foreign cybersecurity experts to ensure the integrity and security of the polling results, and to prevent a recurrence of such attacks.
The leaked data included voters’ names, birthdays, home addresses, email, parents’ full names and, in some cases, passport details and text markers of fingerprints.
The hacking compromised the personal information of 1.3 million registered overseas Filipino voters along with the fingerprints of 15.8 million other voters, exposing them to identity theft.
According to ComputerWeekly.com, the attack on the electoral role was a formidable threat in the region as its perpetrators have become more professional and industrialized – they are now more organized, disciplined and well-funded.
BAE Systems Applied Intelligence regional director Asia, Boye Vanell, said emerging nations like the Philippines are faced with a challenge where technology is revolutionizing traditional industries. He said although this allowed exponential growth, the changes open up new avenues for cyber attackers to exploit.
Vanell said organizations such as Comelec needed to take the essential step of understanding basic security hygiene. This is because the bulk of cyber attacks exploited loopholes such as unpatched serves or applications, and capitalized on lapsed security awareness.
“Organizations need to understand what it is they must defend, how exposed these assets are, and what their risk appetite is. Is it payment card details, is it personal data, is it intellectual property?” he was quoted saying.
“Preparation before the attack comes is vital for reducing the impact on critical assets when it happens.”
According to Vanell, proactive measures must be taken to address cyber attacks that threatened organizations in both the public and private sectors. He added that organizations can take vigilant steps by understanding their likely threats, apart from identifying the risks and protection of assets involved.
“Although the global connectivity of the internet may make it seem as if you’re exposed to the whole world, attacks will often come from local sources. This is particularly the case with activists, who may not agree with domestic government policies or groups impacting their immediate sphere of influence,” he said.
To curb such attacks, Vanell told ComputerWeekly that organizations should combine threat intelligence of the known threat actors and vectors, with data analytics which looks for potentially unknown threats through behavioral anomalies and patterns.
“Ultimately, this needs to be supported with an effective incident response plan in the case that a cyber attack succeeds,” he added.