ESTABLISH a bounty for Filipino White Hat Hackers.

Stop intimidating and suspecting elite IT professionals for hacking attacks in the Philippines.

These are some reactions from the country’s elite IT (information technology) professionals in the county as they responded to the appeal of the National Privacy Commission (NPC) for cooperation and assistance in attaining a secure online environment for Filipinos — both in government and private sector organizations’ internet presence.

Hacker on Pixabay bImage: from Pixabay, created by The Digital Artist.

Three of them responded positively when asked by SDN — Scitech and Digital News what is their reaction to the privacy commission’s appeal.

Positive reaction

“That’s good,” they said in a similar fashion in separate brief interviews.

They did not admit they are part of the “community” of hackers either White Hat Hackers or Black Hat Hackers in the Philippines.

Nevertheless, this journalist assured them that even if they are, their names will not be mentioned, nor their photos, published in this article.

It can be recalled that NPC Commissioner Raymund E. Liboro revealed plans of the government  to tap what he described as the “hack bayani” (hero hackers) community to help secure the Philippine System (PhilSys) national ID and other data-driven public projects.

He said the government teaming up with the “hack bayani” White Hat Hackers can do a lot in protecting the country.

The top NCP official appealed to the hackers’ patriotism.

 

Privacy commission head Commissioner Raymund E. Liboro. (Photo: NPC)

Collaboration is key

“We can do a lot to help the data that will come out of PhilSys processing. You can do your part in it as well as ‘hackers ng bayan’ and indeed I strongly urge you to help government make this right. The need for you voice is now acute. Your country needs you more than ever,” said Liboro said.

He was referring to the soon-to-be implemented national ID system to be carried out by the Philippine Statistics Authority (PSA) in coordination with other government agencies.

President Rodrigo R. Duterte signed in August this year the Philippine System Identification (PhilSys) Act which mandated the creation of a single national official identification card (ID) for Filipino citizens and resident aliens.

The PhilSys ID will contain one’s Philippine Identification System number, full name, gender, blood type, data of birth, place of birth, marital status, address, and a front-facing photo.

A pilot implementation of the national ID is being planned by the PSA in selected regions of the country.

Liboro said for the country to get done its digital transformation, the biggest challenge at present is how to deliver basic services to the people at par with the way the private sector does it.

“The challenge right now, ‘mga kababayan ko’ (my countrymen), is that our people expect the government to give the same level of efficiency that they get from the private sector. Meaning, it’s no longer enough for government now to simply reform. It must pursue rapid, robust and sometimes bold transformation. And we must transform digitally,” said the NPC chief.

Kinds of hackers, what they do

In the world of hackers, there are many kinds of them.

As differentiated by Erez Lugassi, security architect and assistant vice president for marketing and business development of Maroev Cyber Systems, the hackers’ community are known as:

  • White Hat Hackers — or ethical hackers, they protect systems and people
  • Black Hat Hackers — or crackers, the cyber bad guys, they are hackers wrecking havoc on data privacy across the world trying to monetize information, they unleash malware or virus to steal information, or money
  • Gray Hat Hackers — said to be conflicted hackers because they can’t quite figure out or decide what side they want to be with
  • Script Kiddie Hackers — they are supposedly still lacking enough skills (they may either be white, black, or grey hat hackers
  • Hacktivists — they are social activists who fight for a cause
  • Red Hat Hackers — the vigilantes on cyber world
  • Green Hat Hackers — the novice of the hacking world
  • Blue Hat Hackers — they are into vengeance

Liboro called on the “ethical hackers” to help the government during the 2018 Root Conference (RootCon) 12 Hacking Conference held in Tagaytay City on September 27.

RootCon hacking conference

Over 300 Filipino hackers attended RootCon 12 at Taal Vista Hotel. Dax Labrador a.k.a. semprix founded the conference. It is the largest and premier Information Security Conference and Hackers gathering in the Philippines. It was first held on December 27, 2008.

The NPC official described White Hat Hackers as being at the center of every data protection effort.

“It is you who will design and implement the structures that keep our data safe. No longer will you be the unsung heroes keeping our boat afloat,” Liboro said. “You will be at the vanguard, keeping threats and hazards at bay, so everyone’s data will remain safely private.”

The three elite IT professionals welcome the government’s call for help.

Separately, they said that, first, the government must not regard them as “wrongdoers or criminals,” they government must stop intimidating them and suspecting them every time there is data breach in the country.

Stop suspecting White Hat Hackers

“The government does not respond in an encouraging way when we report hacking incidents. They even suspect us,” one of the three elite IT professionals, who owns a robust IT company, said.

“If you report something to the government, they will intimidate and suspect you,” the elite professional said. “So, how are we going to cooperate with the government in that kind of atmosphere?”

In welcoming the NPC’s appeal for help in safeguarding the country’s data infrastructure, the elite professionals said the government must establish a bounty or reward scheme for hackers who discover and solve data breach.

One of them cited an instance where two hackers were suspected of being responsible for the hacking and stealing of millions of voters’ information in what was then dubbed “Comeleak” at the Commission on Elections (Comelec). (EKU)