Army just ‘surfing,’ not attacking news site—Biazon | Inquirer News

Army just ‘surfing,’ not attacking news site—Biazon

/ 05:36 AM October 02, 2021

Not a cyberattack but mere surfing.

This was how Muntinlupa Rep. Ruffy Biazon, quoting the Philippine Army, countered the accusation that one of the Army’s internet protocol (IP) addresses was behind the cyberattacks on the alternative news website Bulatlat.com.

At the House of Representatives’ plenary deliberation on the proposed P222-billion budget of the Department of National Defense for 2022, of which he is the sponsor, Biazon said the Army had investigated the matter and concluded that the IP address in question—202.90.137.43—only engaged in “surfing activity” of less than a minute.

Article continues after this advertisement

“Based on the logs [the Army] got from the devices they have, the activity lasted around 30 seconds or less, and the data transmission is consistent with surfing activity only,” Biazon said on Wednesday night.

FEATURED STORIES

Replying to queries from Kabataan Rep. Sarah Jane Elago, he added: “There was no overloading of data seen as to the server of Bulatlat.com. So for [the Army], this cannot be considered a cyberattack, but they do acknowledge that there was surfing activity.”

He surmised that someone using the IP address may have browsed Bulatlat.

Article continues after this advertisement

Army domain

Elago had asked about the findings of the National Computer Emergency Response Team (CERT-PH) regarding “2,182 lines with logs with destination Bulatlat.com” from the IP address.

Article continues after this advertisement

The IP address also had the details [email protected] Taguig Red Server. The mil.ph is a domain reserved for the Army.

Article continues after this advertisement

Elago questioned Biazon as to who owned the email address and his or her position in the Army.

Biazon said the Army acknowledged that the address was connected to one of its personnel, “a certain Sergeant Acepcion.”

Article continues after this advertisement

“He is the registered administrator of the PH Army internet device Sophos server,” Biazon said.

The links of government-associated IP addresses to cyberattacks on alternative news websites and human rights groups was first disclosed by Quirium, a nonprofit digital forensics firm based in Sweden.

‘Flooding’

Elago was unconvinced by the Army’s explanation through Biazon, and cited CERT PH’s initial findings that “this is not just simple browsing.”

“It was flooding because of the several lines of logs that had Bulatlat.com as destination,” she said.

Elago also criticized the Army for not responding to CERT PH’s request last July for a “point person” to help in the investigation.

“More than two months have passed and it’s not far-fetched that forensic evidence has been destroyed. That is what worries me,” she said.

Elago wondered why the Army was explaining the matter at this late stage, after ignoring the request for cooperation from CERT PH and the Department of Information Communication Technology’s cybersecurity bureau.

“If the Army will continue to deny this, it means no one will answer or be accountable for the cyberattacks on these websites,” she said.

Commitment

Elago urged the Army to continue with its investigation and to impose sanctions on those found responsible for the cyberattacks.

Blazon said the military was aware of laws covering cyberattacks and would use these laws to sanction personnel found guilty of the offense, and carry out administrative processes as well.

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our daily newsletter

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.

“That is the commitment of our military,” he said.

TAGS: Army, Cyberattack, Ruffy Biazon

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our newsletter!

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.

© Copyright 1997-2024 INQUIRER.net | All Rights Reserved

This is an information message

We use cookies to enhance your experience. By continuing, you agree to our use of cookies. Learn more here.