by: Byron Filog Allatog
The information age is powered substantially by computers that significantly improved access to communication, enabling seamless video conferencing and e-mail structures in this present society; computer prowess in calculation and data processing is seen in its speed, accuracy, reliability, versatility, and resource sharing made it a powerful tool in human development [1]. Looking back, wireless communication has been present for the past century, and in the form of telegraph devices in the 1800s using electromagnetic waves to drive messages in a continuous-time signal or ‘analog signal’ to send a sequence of binary information or ‘bits’ [2]. Today, digital communication, or “the use of online tools like email, social media video messaging, and texting (SMS & MMS) to reach other individuals or a specific audience to share a message” [3], reformed cyberspace exponentially. People even made cyberspace the fourth space from the common land, water, and air dimensions. DATAREPORTAL indicated in its report that 76.01 million Filipinos are internet users, and 92.05 million Filipinos are active social media users out of the 111.8 million total population [4]. However, digital communication advancement through the years comes with different risks detrimental to individuals, communities, governments, and states as increased online connectivity comes with an increased level of cyber threats. The Philippines alone has a high level of cyber threat; to preserve the national interest, the government and its people need to continuously monitor its digital communication and landscape. It is therefore paramount to identify the threats associated with digital communication, and vulnerabilities of online tools as penetrated by attack vectors and determine the country’s level of readiness to protect digital communication from cyber-attacks.
Related article: https://tinyurl.com/5n6ee5j9
Across the globe, weaponizing digital communication is an effective and accurate strategy in business and security to achieve influence and power. Similarly, gaining political power in the Philippines can be accounted to digital tactics (propaganda and fake news), as seen in the three recent election campaign processes. It is a very profitable business [5] at a cost where the democratic electoral process is attacked; the citizens’ participation in decision-making in the government is already scoured and their right to choose political representatives in the national and local seats of government is being hampered by extreme disinformation and fake news on social media platforms. The fundamental constitutional right to suffrage was undermined during these three election processes as digital manipulation was evident on all social media platforms. Rappler News concluded in its report [6], “the current landscape of fake news and internet propaganda in the Philippines paints the country more and more as increasingly vulnerable to, and more easily persuaded by, fake news.”
Relatedly, in the ongoing US-China competition for power and influence across Indo-Pacific, the Philippines was targeted by China during these electoral processes where it actively interfered in Philippine politics by generating millions of digital interactions and promoting politicians in favor of China [7]. This was evident in the thrashing made by Facebook on all Chinese disinformation operations under “Operation Naval Gazing” that employed fabricated accounts and profiles to deceive unconscious individuals into consuming Chinese disinformation from content posted that supports and argues in favor of Chinese regional influences and its policies in the South China Sea [8]. This was an attack on the sovereignty of another country.
Meanwhile, the country’s insurgency problem is still at its pace because the propaganda machinery perpetrated by the Philippine Communist Terrorist Group (CTG) known as the CPP-NPA-NDF magnified its form into digital communication and equally weaponized it on all social media platforms. CTG’s digital propaganda to brainwash the Filipino youth is very common on Facebook and very heavy on the Twitter platform. Any youth at the crossroads can easily be exploited and recruited to join any of the CTG’s front organizations and the armed revolutionary group fighters aiming to overthrow the existing government. The CTG’s recruitment has turned to online communication platforms, including the youth’s popular digital music and podcast service Spotify [9], to exploit information and expand the machinery of indoctrination and radicalization. This 53-year-old insurgency problem has continuously exploited the youth and impacted rural development. Weaponizing digital communication is a threat to national security, leave alone the attack vectors targeting online tools.
Related article: https://tinyurl.com/43fhxbcz
Monitoring a country’s digital communication takes not just the government and its communities to protect the landscape; it also brings us to understand better how digital communication is processed and its attack vulnerabilities. Computers have transformed digital communication to higher levels in cyberspace on how humans communicate and interact, but computers are only good as humans want them to be. They only follow structures of command that humans programmed them to behave and work, which puts them at risk of common attack vectors (malware and phishing) used by cybercriminals in the form of fraud. This puts digital communication at a national security concern. Crypto mining in the form of malware and phishing are the two most prevalent attack vectors by cybercriminals in 2020; not only they are coordinated but also more sophisticated [10].
Since people interact and communicate socially and financially in cyberspace, a digital identity must functionally authenticate the process. “Digital identity is an online or networked identity adopted or claimed in cyberspace by an individual, organization, or electronic device comprised of characteristics or data attributes”[11]. GRC Outlook classified digital identity as an increasingly popular attack vector and cybercriminals weaponize it for fraud schemes on the web [12]. According to Fortinet, “Many security vector attacks are financially motivated, with attackers stealing money from people and organizations or data and personally identifiable information (PII) to then hold the owner to ransom” [13]. Cybercrime costs include damage and theft of data and intellectual property and stolen money; McAfee estimated that it costs the world economy more than $1 Trillion, roughly 1% of the global GDB [14]. This attributes to another significant concern for national security for a country to help and not to become a victim. However, knowing and understanding digital communication processes are not enough for a government and its communities to monitor the same and protect its national security. Identifying the gap in securing the overall cyber posture of the country is also a must.
A country not in control of its cyber assets is unsafe, considering the advent of computers has radically changed the ‘security’ concept into information security, thereby manifesting that in a country lacking secure systems, its citizens are vulnerable to privacy attacks [15]. Securing the country’s digital communication landscape is safeguarding the nation’s assets (people and resources) because 76.01 million Filipinos communicate and interact in cyberspace. It is the responsibility of the Philippine government to have baseline capacities in cyber security like incident management and general cyber security development to protect its digital communication platform. The e-governance academy labeled the Philippines’ National Cyber Security Index scoring at 63.64 in a 2021 report, which is 4th among ASEAN countries with a considerably good rating [16]. Wide-ranging on some of the country’s measuring indicators, the country scored well in cyber policy development at 86%, average in education and professional development at 67%, and scored lowest in the protection of digital services and essential services at 20% and 17%, respectively. Tackling the country’s short measuring indicators individually, the country must invest in cyber education and professional development of workers in government and communities using e-communication to protect digital communication and its monitoring system better, albeit the digital & essential service protection which entails the usage of high caliber IT tools. Meanwhile, Angel Redoble (CISO of PLDT-Smart) explained that to increase cybersecurity posture to the highest level, a sustained awareness program coupled with attack simulations grows users’ informed aptitudes and changes their mindset into a cybersecurity culture [17]. Thus, a better edge in monitoring digital communication for the country’s cybersecurity posture is for all citizens to be well-founded with information to understand global happening as much as within the country’s cyber risk landscape to address the cybersecurity knowledge, policy, and skills gaps [18].
In protecting and securing national interest, a country must have a high level of cybersecurity posture, with its digital communication platform monitored by both the government and its people (netizens). A country knowing the situation where this digital communication is at risk, knowing the active actors using these threats, knowing the attack vectors commonly used, and understanding the whole paradigm in addressing these threats to digital communication. It can be argued that, first, the Philippines’ threats to digital communication are commonly situationally, where it is viscous during the election campaign periods where the democratic electoral processes are infringed; secondly, China has been a threat to its digital communication platform as it has actively rolled out cyber operations violating the nation’s sovereignty; thirdly, the active local actors weaponizing digital communication which in effect exploiting the country’s youth and rural development is the CPP-NPA-NDF; lastly, maintaining a cybersecurity posture is identifying the most prevalent attack vectors and changing the mindset of all users to a whole-of-community cybersecurity culture through education and awareness.
—————————————————————-
References:
[1] R. Fox, Information technology : an introduction for today’s digital World, 1st edition. Boca Raton, FL: Chapman and Hall/CRC, an imprint of Taylor and Francis, 2013.
[2] S. El Assad and D. Barba, Digital Communications 1: Fundamentals and Techniques. Newark: John Wiley & Sons, Incorporated, 2020.
[3] GOVOS, “What is digital communicaiton?,” Dec. 21, 2021. Link:https://tinyurl.com/mte2kae9
[4] K. Simon, “Digital 2022: The Philippines,” Feb. 15, 2022. https://datareportal.com/reports/digital-2022-philippines (accessed Aug. 20, 2022).
[5] P. Combinido and N. Curato, “From Grassroots Activism to Disinformation,” in Social Media in Southeast Asia, A. Sinpeng and R. Tapsell, Eds. ISEAS Publishing, 2021, pp. 19–42. doi: 10.1355/9789814951036-003.
[6] G. Eusebio, “[ANALYSIS] Fake news and internet propaganda, and the Philippine elections: 2022,” May 23, 2022. https://tinyurl.com/cutbmt7f
[7] G. Winger, “China’s Disinformation Campaign in the Philippines,” Diplomat (Rozelle, N.S.W.), 2020.
[8] B. Nimo, C. S. Eib, and L. Ronzaud, “Operation Naval Gazing,” Graphika, Sep. 2020. Accessed, Aug. 22, 2022. [Online]. Available: https://tinyurl.com/22bhw8dk
[9] PNA, “Ex-communists: NPA turns to Spotify, other online platforms to recruit after NTC blocks websites,” Jul. 18, 2022. https://tinyurl.com/5f3cmfk5
[10] CISCO Umbrella, “Cyber security threat trends: phishing, crypto top the list,” 2021. Link: https://tinyurl.com/5n9acnsb
[11] Techopedia, “Digital Identity.” https://www.techopedia.com/definition/23915/digital-identity (accessed Aug. 24, 2022).
[12] M. Argast, “Digital Identity: The Perimeter of Business Cyber Resilience.” https://grcoutlook.com/digital-identity-the-perimeter-of-business-cyber-resilience/
[13] FORTINET, “What is an Attack Vector?” https://www.fortinet.com/resources/cyberglossary/attack-vector (accessed Aug. 24, 2022).
[14] Jacob Fox, “Business Cost of Cybercrime,” Feb. 11, 2021. https://www.cobalt.io/blog/business-cost-of-cybercrime (accessed Aug. 24, 2022).
[15] CIPHER, “Which Country is #1 in Cybersecurity?,” Insights. https://cipher.com/blog/which-country-is-1-in-cybersecurity/ (accessed Aug. 19, 2022).
[16] EGA, “National Cyber Security Index: Philippines,” e-governance academy, Mar. 2021. Accessed: Aug. 22, 2022. [Online]. Available: https://ncsi.ega.ee/country/ph/?pdfReport=1
[17] A. Redoble, “In PLDT-Smart we consider the users as the First and Last line of Defense against Cyber threats,” Aug. 21, 2022. https://tinyurl.com/4t8uf9aw
[18] The Asia Foundation, “Cybersecurity in the Philippines: Global Context and Local Challenges,” Mar. 14, 2022. https://tinyurl.com/ye28sn7u
___________________________________________________
Disclaimer
The views expressed in this article are those of the author. They do not necessarily reflect the position of the Philippine National Police, the Armed Forces of the Philippines, or the Philippine Government.
CSOP101 is a professional learning site for community policing advocates, practitioners, and supporters in changing the policing landscape. It is likewise an issue-based, related to or addressing nation-building. The views expressed within individual blog posts (police blog and academic) are those of the author and do not reflect any official position or that of the author’s employers. Any concerns regarding this blog post or resources should be directed in the first instance to byron.allatog012@gmail.com.
