DICT Sec. Ivan John Uy
MANILA, Philippines — No new data has been compromised in cyberattacks launched on Malacañang by China-backed hackers, even as the Department of Information and Communications Technology (DICT) noted a significant increase in such attempts ahead of the 2025 midterm elections.
Information and Communications Secretary Ivan John Uy said in a Palace press briefing on Tuesday that the country was “constantly under attack” from different sectors, although the government has been able to detect these attempts in their early stages and secure databases to prevent any information from being compromised.
READ: Upping our game vs cyberattacks
Uy, however, did not directly confirm reports that Chinese state-sponsored hackers had stolen data from the Office of the President (OP), including military documents related to the West Philippine Sea dispute. He only said that no new data was actually taken by the hackers.
“So far what we have seen is that no current information has been compromised. What we have seen so far are old data from many years ago that are being regurgitated [and] recycled just to make [the] impression that they were successful in doing so,” Uy said.
According to news reports, APT41, a Chinese-backed hacking group, carried out several cyberattacks on the Office of the President from early 2023 until June 2024 as part of an espionage campaign with government offices, hospital networks, and other organizations as the targets.
Relentless hackers
Uy noted that there was a significant increase in hacking attempts ahead of the 2025 elections, adding that the government has been repelling “several hundred thousand attempts on a daily basis” targeting websites and systems of the government’s executive and legislative branches.
“There are more fake information or disinformation that [is] being perpetrated on social media. There are attempts at compromising certain infrastructure like websites; they are trying to deface some websites or trying to introduce malicious software in all of these sites,” he said.
According to him, the government is working with the private sector to help organizations be more aware of cybersecurity preparedness and protect their infrastructure and information systems from hackers.
Old data
“Quite often, we detected that the vulnerabilities that were exploited were old systems, what we call the legacy systems. It’s possible that there are some agencies in government that have not updated their respective software, so they breach and exploit those. In most occasions, if ever there are any compromises, we’ve seen that the data are old data, and some of them are being reposted again,” Uy said.
The DICT secretary assured the public that the government was working with telecommunications providers, the National Telecommunications Commission, and lawmakers to run after these hackers and scammers.
“We are actually working with Congress to amend the Cybercrime Law in order to have a more encompassing approach. Like in other countries, what they have legislated is a law against online harm. So if online harm is addressed, that covers a wide swathe, whether it’s cybercrime, it’s scamming, it’s hacking. So long as you conduct activities that will cause harm to others online, then it is covered by that law,” Uy added.