Section

Arrest of hackers yields surprise allegations

By Manila Times - 5 months ago

THE arrest last week of three people for hacking into private and government websites, banks and Facebook accounts yielded an unexpected allegation. One of the suspects, who remained identified only by his code name "Kang Kong," claimed to work in the administrative division of the Manila Bulletin and tagged its technology editor Art Samaniego Jr. as the one who instructed him to look for "vulnerabilities" in unsuspecting websites.

The suspects, presented at a press conference on June 21 by the National Bureau of Investigation-Cybercrime Division (NBI-CCD), were alleged to be members of two big hacking groups: Philippine LulzSec and Globalsec. A third subject with an alias "Allan 10k" will be charged through direct filing, an NBI press statement said.

In a surprise revelation at the tail end of the press conference, one of the suspects said Samaniego had instructed him to look for "vulnerabilities" in the websites of the Armed Forces of the Philippines, the National Security Council and the 1Sambayan app.

Messages allegedly of Samaniego. SCREENGRAB FROM ANONYMOUS PH (ANONPH

Samaniego released a statement denying the allegations against him and said "he had been a long-time partner of government agencies in cybersecurity." He also said he did not order the hacking of some government and bank websites "to boost his social media reach."

Kang Kong told the NBI Samaniego ordered the hacking of several websites so he could have a "scoop" for his column and social media platforms.

The Manila Times tried to get additional information directly from Samaniego, but he stopped replying to our messages.

"If the accusations are true, and the allegations are proven to be true, he broke two codes of ethics: the code of ethics for journalists and the code of ethics by cybersecurity practitioners," said Lito Averia, The Manila Times columnist and president of the Philippine Computer Emergency Response Team (PH-CERT) live on TechSabado, an online podcast on Saturday, June 22.

"We need to look into this further and see what kind of ethical standards we can create in this kind of situation. Journalists should cover the news, not become the news."

"In an era where trust in journalism is under attack, this incident presents a crisis and worsens public perception. This will ripple beyond cyber journalism," said Carlos Nazareno, director for rights at Democracy.Net.PH, an ICT rights advocacy group, in a message to The Manila Times.

"With the rampant spate of cyberattacks, this too comes at a time when the government needs a big win. Whatever happens, due process must be followed in how this is going to be resolved."

INQ7 hacking case

In 2006, Samaniego, who was already the head of the IT department of Manila Bulletin, along with Tridel Technologies Inc., a local internet service provider, agreed to settle out of court a hacking case involving the news website of INQ7 Interactive Inc.

INQ7, now Inquirer.net, was a joint venture of the Philippine Daily Inquirer (PDI) and the GMA Network Inc.

"He (Samaniego) who was working for the Manila Bulletin together with this ISP (Tridel), was found guilty of illegally accessing our news website. Vulnerability test or not, but without prior permission from us, that's simply hacking. However, the owners of INQ7.net and our editorial board decided that rather than two big media companies locking horns that could eventually end nowhere, the guilty party should instead release a public apology to fast-track the resolution of the matter," according to an Inquirer insider, who requested anonymity but was personally involved with the news website at the time of the hacking. "Unfortunately, he (Samaniego) later wrote in his column in the Bulletin, still insisting on his innocence. The gall of this guy."

The INQ7 hacking incident was one of the few high-profile cyber cases that actually went to court in the early- and mid-2000s. The others were the case of Onel de Guzman for the Love Bug, better known as the "I Love You" virus, and the alleged cybersquatting of Gerry Kaimo on PLDT's domain name PLDT.com.

Warning to hackers

With the rampant proliferation of scams, hacking and other related cybercrimes, there is public pressure for the government to do something.

"We are hoping that this will send a clear signal to these individuals with criminal minds," said Angel Redoble, chairman and founding president of the Philippine Institute of Cybersecurity Professionals (PICSPro) and former chief information security officer of the PLDT Group in an interview with The Manila Times. "We have to have integrity intact all the time, as a journalist or as a cybersecurity officer. You don't go beyond it. Even if the intentions are good."

"Moving forward, Philippine journalists, cybersecurity professionals, legal and data privacy experts, and law enforcement need to get together and hash out a code of conduct and review procedures on how to deal with cyber incidents like hackings, breaches and data leaks," Nazareno said.

AnonymousPH screen grabs

Also, over the weekend, notorious hacking community AnonymousPH (AnonPH) started posting several screenshots that have spread rapidly on social media of what seem to be chat groups where alleged Pinoy hackers mingle and exchange messages. Apparently, based on the exchanges, some have criminal intent.

On one of the posts, AnonPH purportedly showed Samaniego as one of the people trading messages. In one allegation AnonPH's posted: "sariling company pinapatira. salamat pinoy lulzsec sa source."

Disclaimer : Mymoneytimes implements extreme caution and care in collecting data before publication. Mymoneytimes does not liable for the adequacy, accuracy or completeness of any given information. Hence we are not liable for any kind of direct or indirect loss caused by the use of such information.