MANILA — A multinational risk consultancy firm claimed that cybercrime would continue to pose a threat to business and individuals in the Philippines if lawmakers do not address it.

In a report released to its clients on July 18, the Pacific Strategies & Assessments (PSA) said the government’s response to the problem has been “lethargic” even if some of the websites of its agencies have been hacked.

“Cybercrime in the Philippines is becoming an increasing problem for both citizens and public sector officials. It is a crime that has yet to be adequately addressed by the country’s lawmakers, and will continue to pose a serious threat to both companies and individuals for as long as this remains so,” the PSA said.

The report said cybercrime is “any crime committed with the use of a computer system, or instances in which a computer system is targeted for criminal purposes.”

These include illegal acquisition of confidential data, hacking, identity theft, spamming, website defacement, copyright violation, and illegal pornography.

PSA said the databases of the Health, Foreign Affairs and Social Welfare Departments, the then National Disaster Coordinating Council and the Technical Education and Skills Development Authority had been hacked in 2009.

These incidents have resulted in the theft of huge volumes of confidential information, said the PSA, which has offices in Manila, Hong Kong, Shanghai, Beijing, Bangkok, Milwaukee and Sydney.

“What is particularly surprising about the government’s relative inaction is that it was the very victim of a sophisticated hacking operation in late 2009,” said the PSA, whose clients include multinational corporations, financial institutions and embassies.

“Furthermore, the perpetrators were never caught,” it added.

The PSA said the lack of laws on information and communication technology (ICT) could negatively affect investor confidence in the Philippines.

“Two of the country’s key sectors — business process outsourcing (BPO) and IT (information technology) — are particularly vulnerable to cybercrime, and the government’s apathetic approach to protecting companies will continue to affect investment,” the report said.

“While complete eradication of cybercrime — even in the most developed Western countries — is almost impossible, there is genuine concern that the lack of protection against such criminal activity in the Philippines will continue to cause severe harm,” it added.

The PSA said the government has not crafted a legal framework against cybercrime despite a number of high-profile murders and assaults committed as a result of strangers meeting on social networking sites.

The PSA said the E-Commerce Act passed in 2000 has long been outdated due to advancements in communications and the Internet.

‘I love you’ virus

The said law was crafted in response to the “I love you” virus, which affected the systems of huge firms in the Philippines.

The PSA said successive administrations have not heeded calls to form a distinct autonomous regulatory body for ICT, placing the Philippines in the list of Asia-Pacific countries without such agency.

Other Asian countries with no ICT agency are Laos, Cambodia and Myanmar.

“Such an absence contributes to a lack of understanding of cybercrime in all its forms, and in turn breeds naivete,” said the PSA.

The PSA noted that the Commission on Information and Communication Technology (CICT), which is under the Office of the President, is handling cybercrime and related issues.

PSA, however, said the CICT has been “largely inactive and reactive.”

“There is hope, however, that the Cybercrime Prevention Act will help to construct a legal framework to address computer-related crime, but it could take several years for the bill to be signed into law,” the PSA said.

Five days after the PSA report was released, the websites of the Office of the Vice President and the Food and Drug Administration were defaced by a group of hackers.

Add comment

Security code

Latest comments