Komentaryo

US-PH cybersecurity cooperation is not safe


The ongoing cybersecurity cooperation between the Philippines and the United States will further deepen our dependence and strengthen its control over our cybersecurity systems.

On Sept. 17 and 18, a series of terrorist attacks in Lebanon targeted various communication equipment, including pagers and walkie-talkies, resulting in multiple explosions.

“The explosion of pagers, two-way radios and other electronic devices have reportedly killed at least 37 people, including two children, and injured 3400 people in Lebanon alone, leaving many with permanent disabilities,” Volker Türk, United Nations (UN) High Commissioner for Human Rights, said in remarks delivered at the UN Security Council on Sept. 20.

“There must be an independent, thorough and transparent investigation as to the circumstances of these mass explosions, and those who ordered and carried out such an attack must be held to account,” Türk said.

Currently, there are two widely discussed explanations for the explosions. The first suggests that explosive materials were implanted in the communication devices. The second posits that cyberattacks caused the batteries to overheat, leading to the explosions. Both scenarios are equally frightening.

Incidents of large-scale indiscriminate attacks using civilian electronic equipment have raised concerns among the population about their security. As a country that has endured terrorism for a long time, we feel the pain more keenly.

There have been several terrorist attacks in our country recently: a bombing at the gymnasium of Mindanao State University in December 2023 killed four people and wounded several others, and the military was attacked by militants in Maguindanao del Sur in March. The manner in which communication equipment was detonated could potentially inspire other terrorist organizations to adopt similar tactics, thereby jeopardizing the security of our country and its citizens.

I’d also like to mention the Microsoft “Blue Screen” incident that occurred in July, which led to a nationwide computer outage, significantly impacting the operations of various institutions, including governments, banks and airlines, as well as disrupting the daily lives of citizens. Both events have highlighted the vulnerabilities associated with security issues in the Internet age. The network has become a critical infrastructure in modern society, and when cybersecurity is threatened, it can affect many facets of the country and its communities.

Our country has relatively weak independent research and development capabilities in cybersecurity. Most of the equipment, technology and network systems used by individuals, the government and the military are sourced from the United States (US). This reliance creates vulnerabilities because the equipment and technology are protected in a singular way, leading to a weak comprehensive prevention capability. The ongoing cybersecurity cooperation between the Philippines and the US will further deepen our dependence and strengthen its control over our cybersecurity systems.

The US has offered four avenues for cooperation in this area. The first involves supplying cybersecurity equipment, systems and software. The US has supplied us with various cyber systems and equipment, and American network platforms are also available for our government to use.

The second involves providing safety technology and corresponding training. The US provides targeted technical assistance in telecommunications and radio communications, core network infrastructure, submarine cables and other areas, and provides security training for our officials and technical staff.

The third one involves conducting “security checks” on our government network system. The US deploys devices in our government network systems to conduct thorough reconnaissance, checking for malware in the system.

The last one involves leading our government to cooperate with US security companies. The US government recommends that we engage with US security companies to discuss cooperation.

The above assistance seems to help improve our cybersecurity capabilities, but in fact our cybersecurity will be deeply controlled by the US and will bring us great security risks. First, the US can obtain our data through equipment and systems. We use the platform and equipment provided by the US, so the network traffic must pass through the American gateway. And the US is fully capable of decrypting the traffic to obtain all the data, such as military intelligence, government confidential data, personal privacy, etc.

If the US gains control over our national cybersecurity system, it will have significant authority over our military deployments and confidential operations, which poses serious safety risks. 

Additionally, the explosion of communication equipment in Lebanon serves as a stark warning. Should the U.S. monitor our network equipment, it could jeopardize the safety of both citizens and government officials by facilitating cyberattacks that result in catastrophic equipment failures and explosions.

Moreover, our national protective measures are inadequate compared to those of the US. The US supplies network security technology and training for our personnel, which enables it to gain insight into the current state of our security technologies during the process of communication and guidance. Consequently, this means that the US is well-informed about our cybersecurity capabilities, undermining the effectiveness of our network protection efforts. Ultimately, our security measures may be little more than a facade.

In addition, the US will acquire a comprehensive understanding of cybersecurity trends within our systems. The US deploys equipment within our government Intranet infrastructure to analyze and monitor malware by intercepting Intranet traffic. This approach not only allows for the collection of malware information but also provides access to various types of data from all Intranet users.

Once the U.S. gains access to our Intranet, it effectively leaves a “backdoor” for long-term monitoring, which equates to relinquishing significant Intranet privileges to the US. Moreover, in recent years, the US has faced numerous revelations regarding its Intranet surveillance activities, including the “PRISM” project, which has been tracking online actions and user information abroad for many years.

Last but not least, US companies work with the US government to monitor equipment. Similar to the principle of Microsoft’s “Blue Screen”, security companies have extremely high levels of authority. American companies can completely control the computers or other devices that contain the security software directly by updating software.

In 2023, the Director of the Federal Bureau of Investigation stated at the “mWISE Cybersecurity Conference” that private enterprises engaged in security cooperation with law enforcement may have their equipment data, which includes software information, accessible to the US government. And the US government has the capability to conduct network intrusions using software that can directly compromise a device’s battery system, potentially causing it to explode. This raises concerns about the expanding scope of governmental influence in cybersecurity practices.

Relying on strengthened cybersecurity cooperation with the US to enhance our cybersecurity infrastructure is questionable, as it may deepen our dependence on the US. Through control of operating systems, electronic devices, and security software, the US could access our sensitive data, raising concerns about our data sovereignty and security.

If we don’t comply with the US, it will sanction and control us through systems and devices, deliberately induce computer downtime, or conduct a cyberattack that causes batteries to explode, and the consequences would be unthinkable.

We must enhance the autonomy and independence of our cybersecurity efforts by fostering the growth of national network technology companies and advancing technological development. This involves reducing our reliance on foreign technology in critical areas and bolstering the resilience of our essential infrastructure against potential risks.

We should apply diversified systems, technologies and software to avoid the systemic risks of a single technical path, and also develop contingency plans to prevent the development of national cybersecurity from being at the mercy of the US.