Incident Identification
The data breach incident in the Philippines in 2016 was one of the most critical in the country’s history. According to Paganini (2017), a few weeks before the national elections, the local hacker group released electors’ personal data on a special web platform. As a result of cybercriminals’ actions, the personal information of more than 55 million people became public (Paganini, 2017). The lack of adequate encryption mechanisms resulted in passport data, residents’ fingerprints, and other personal information being stolen and exposed to the public in the form of the archive with 355 tables (Paganini, 2017). Chi (2016) argues that the National Electoral Commission was powerless in the face of the unexpected hacker attack that threatened the entire election campaign. As a result, the country’s citizens faced the threat of theft of their personal data.
Critical Impact and Damage Analysis
The scale of the problem of cyberattacks in the modern world is vast, and the case of the Philippines in 2016 demonstrated the vulnerability of even such important databases as those containing information on electors. In her assessment of the issue, Tan (2020) notes that electoral boards are vulnerable to cybercriminals due to loose data retention regulations and heavy use of social media in the country. Security management, in this case, involves taking measures to keep digital data safe from intruders. Moreover, given the fact that not only the election campaign was under threat but also millions of citizens, the Philippines’ data security system can be described as underdeveloped.
From a personal perspective, the cyberattack in the Philippines became a significant problem for the population. Alladi, Chamola, and Zeadally (2020) argue that whether or not individual data is made public through a leak, such an outcome is a severe breach of personal information processing principles from both an ethical and legal perspective. In some cases, financial losses can become a negative result. For instance, Paganini (2017) mentions a case of a cyberattack in the SWIFT international payment system when hackers stole $81 million. Society has the right to rely on the safe storage and processing of citizens’ personal data; otherwise, any attempt to provide anonymity is pointless in the face of advanced cybercrime.
Suggested Solutions
To prevent a repeat of incidents like those in the Philippines in 2016, the authorities should pay more attention to the management of digital data security. One of the potentially viable practices is to fortify national databases with appropriate encryption keys, which, as Süzen (2020) states, is a prerequisite for securing information. The case of the Philippines shows that citizens’ data was not sufficiently protected, and this allowed cybercriminals to freely steal and make public a large amount of personal information. Appropriate advanced encryption algorithms can help successfully resist outside attacks by securely encoding digital content. In the short term, this solution can help structure national databases; in the long term, it may contribute to eliminating attack precedents.
Another solution that can be effective is the creation of a program to control local social media. According to Paradise et al. (2017), to prevent criminals’ activities on public communication platforms, restrictive measures should be introduced on the publication of suspicious materials. In addition, information about possible sources of threats needs to be collected to assess potential risks and implement timely countermeasures. In the short term, this step will make surfing social media safer. From a long-term perspective, such a solution may contribute to preventing cybercrime on public media platforms.
Reference List
Alladi, T., Chamola, V. and Zeadally, S. (2020) ‘Industrial control systems: cyberattack trends and countermeasures’, Computer Communications, 155, pp. 1-8.
Chi, L. (2016) ‘Philippines elections hack ‘leaks voter data’’, BBC.
Paganini, P. (2017) The biggest cyber-security incidents of 2016.
Paradise, A. et al. (2017) ‘Creation and management of social network honeypots for detecting targeted cyber attacks’, IEEE Transactions on Computational Social Systems, 4(3), pp. 65-79.
Süzen, A. A. (2020) ‘A risk-assessment of cyber attacks and defense strategies in Industry 4.0 ecosystem’, International Journal of Computer Network & Information Security, 12(1), pp. 1-12.
Tan, N. (2020) ‘Electoral management of digital campaigns and disinformation in East and Southeast Asia’, Election Law Journal: Rules, Politics, and Policy, 19(2), pp. 214-239.