Philippines detects foreign cyber threats but reports no breaches

Philippine cyber minister warns of foreign attempts to access intelligence data but says national defenses remain secure.

A hooded man holds a laptop as cyber code is projected onto him in this illustration taken on May 13, 2017. Photo by Kacper Pempel/Reuters

By Laila Azzahra and Widya Putri

The Philippines has detected multiple foreign attempts to access intelligence data, but no successful breaches have been recorded so far, according to the country’s cyber minister. Ivan Uy, minister for information and communications, revealed on Tuesday that these cyber threats are wide-ranging, with advanced persistent threats (APTs) repeatedly trying and failing to infiltrate government systems. Despite these persistent efforts, Uy emphasized that the country’s cyber defenses have remained resilient.

Foreign-backed cyber threats pose growing risks

APTs, a term used to describe cyber actors or groups—often state-sponsored—that engage in malicious activities, have long posed risks to national security. Uy confirmed that such threats have existed for years and are constantly evolving. "These have been present for quite some time, and threats come from many actors, but a big majority of them are foreign," he told Reuters.

Some of these cyber threats, referred to as "sleepers," had already been embedded in government systems before being detected through recent cybersecurity efforts. Uy questioned how these threats could remain undetected for so long, stating, "Why are these things operating in those systems, without even anybody calling it out?"

While the government has successfully prevented cyberattacks from compromising critical infrastructure, Uy warned that continuous vigilance is necessary. "Hopefully, it's because our cyber defenses and cybersecurity are strong enough," he added.

Attribution challenges and diplomatic efforts

Attributing cyber intrusions to specific actors remains a challenge, as hackers often leave misleading digital traces to obscure their origins. However, Uy noted that the Philippine government is actively working with diplomatic partners, military officials, and intelligence-sharing networks to validate threats and strengthen defenses.

International cooperation plays a crucial role in mitigating these risks. The Philippines has been sharing intelligence with allies and regional security networks to counter potential cyber intrusions. Uy stressed that global coordination is essential in combating evolving cyber threats.

Previous cyberattack attempts linked to China

Uy also pointed to previous cybersecurity incidents targeting the Philippine government. Last year, the country thwarted attempts by hackers operating in China who attempted to breach websites and email systems belonging to the Philippine president and various government agencies. Among the targets was an agency responsible for promoting maritime security, an issue of growing geopolitical concern in the region.

While the Philippines successfully prevented these cyberattacks, the incidents highlight the persistent nature of foreign-backed cyber espionage. Uy described these threats as part of an ongoing global "cyber arms race," where nation-states and criminal organizations exploit digital vulnerabilities for strategic or financial gain.

The rise of cyber warfare and digital threats

Uy compared modern cyber conflicts to a new form of warfare, emphasizing that cyberattacks are now as significant as traditional military conflicts. "World War III is happening, and it is cyber," he said. "These weapons are non-kinetic. They are cyber, digital, virtual, but it's happening. The attacks and defenses are happening as we speak, without any physical manifestation."

His comments reflect growing concerns that cyber warfare is reshaping global security dynamics. Unlike conventional wars, cyber conflicts unfold in the digital realm, where state-sponsored hackers and independent cybercriminals can target governments, corporations, and individuals with minimal physical evidence.

Election security concerns ahead of mid-term polls

Beyond direct cyberattacks, Uy has also flagged an alarming rise in deepfake technology and disinformation campaigns designed to manipulate public opinion. With the Philippines’ mid-term elections scheduled for May, the cyber ministry has deployed tools to combat the spread of false information.

"Misinformation and disinformation are riskier with respect to democracies like ours, because we rely on elections, and elections are based on personal opinion," Uy said. He warned that "fake news media outlets" and coordinated disinformation campaigns could influence voters and undermine the integrity of the electoral process.

Strengthening national cybersecurity measures

In response to these growing threats, the Philippine government is ramping up cybersecurity initiatives to safeguard critical infrastructure, government networks, and public data. Uy emphasized that continued investment in cybersecurity tools, personnel training, and public awareness campaigns is essential in defending against cyber intrusions.

While no breaches have been recorded so far, the increasing frequency of foreign cyber threats highlights the need for ongoing vigilance. As global cyber conflicts intensify, the Philippines remains committed to strengthening its digital defenses and working with international partners to counteract malicious activities.