An Overview of Australia and the Philippines’ Cybersecurity Landscape: Exploring Areas for Cooperation

MAY 2023

Luzviminda N. Ventura

The COVID-19 pandemic accelerated the digitization of services and social interactions worldwide. The cyber integration of various aspects of everyday life has become the present reality for most people. It gave way to faster and better delivery of multiple products and services, including healthcare, education, transportation, media, financial transactions, and trade. The convenience, however, did not come without a cost. The utilization of cyber technologies exposed new vulnerabilities at the regional, national, and societal levels, down to individual private spaces. Criminal actors emerged in cyberspace to target and exploit these vulnerabilities. These cybercrimes and cyberattacks paved the way for the creation of a new field: cybersecurity, where technologies, processes, and control are used to secure digital systems, networks, and programs.

Regional Cyber Threats and Vulnerabilities Landscape

Countries in the Asia Pacific region are grappling with policies and strategies to address various cyber attacks. States such as India, Australia, and Japan face increasingly sophisticated attacks on government agencies and organizations providing critical infrastructure services. There has also been heightened risk to supply chains, particularly in the financial sector. The Financial Services Information Sharing and Analysis Center (FS-ISAC), a US-based global cyber intelligence-sharing community focused on financial services, reported a clear trend of attacks on third-party software suppliers of financial firms. For instance, a widespread supply chain attack in 2020 which involved hackers inserting malicious codes in the Orion product suite from software provider SolarWinds compromised up to 18,000 organizations, including Fortune 500 companies and US government agencies. This demonstrates how an attack on one can potentially impact many participants in the financial systems, either regionally or globally.

Moreover, the Distributed Denial of Service (DDoS) attacks^[1] have also been rising across the region, with the largest ever volumetric attacks occurring in 2021. On the other hand, ransomware^[2] attacks are on an unprecedented scale. According to Check Point’s 2021 mid-year report, the world faced a 93% rise in ransomware attacks this year. Asia Pacific faced the highest number of organizations being attacked weekly, with 1338, compared to Europe, the Middle East, and Africa (EMEA) with 777 and the Americas with 688. Closer to home, the INTERPOL Report on Cyber Threats identified the following as prominent cyber threats in 2020 and beyond: Business E-mail compromise, Phishing, Ransomware, E-commerce data interception, Crimeware-as-a-Service (CaaS), Cyber Scams, and Cryptojacking.^[3] In the Philippines, the volume of Filipinos online makes the country extremely vulnerable to cyberattacks. In 2016, the Commission on Elections experienced the biggest data leak in Philippine history, with a data breach of 70 million voters.^[4]

These developments clearly show that cyberattacks by state or non-state actors on technologies, digital systems, and critical infrastructure can undermine economic activity and national security. Indeed, cybersecurity demands to be a priority as a security concern, and the move towards greater development will prove to be a formidable challenge without addressing this fast-evolving threat. With the Philippines just beginning to build up its cyber security capability, it will be beneficial to partner with like-minded countries like Australia, one of the countries at the forefront of implementing a comprehensive cyber security strategy at the multilateral and national levels.

Australian Cybersecurity Framework

In August 2020, the Australian government released Australia’s Cyber Security Strategy (CSS) 2020, replacing the 2016 version. The latest CSS aims to invest USD1.1 million over ten years to achieve a more secure online world for Australia, which will be delivered through actions by governments to strengthen the protection of Australians, businesses, and critical infrastructure from the most sophisticated threats; efforts by businesses to secure their products and services and protect their customers from known cyber vulnerabilities; actions by the community to practice secure online behaviors and make informed purchasing decisions.^[5] In April 2021, the country launched its International Cyber and Critical Technology Engagement Strategy (ICCTES),[6] building on the 2017 International Cyber Engagement Strategy (ICES).

This cyber framework shows how Canberra’s strategy involves the government, the private sector, and the local communities. Moreover, the country has a specialized initiative targeting ransomware attacks — the Ransomware Action Plan (RAP), which builds on the 2016 and 2020 CSS and is designed around the National Strategy to Fight Transnational, Serious, and Organized Crime framework. With this plan coupled with international cyber engagement strategies, Australia recognizes that borderless cyber threats are battles one country cannot win on its own. In fact, in the ICCTES, the country plans to co-sponsor a new UN Program of Action for Responsible State Behavior in Cyberspace and invest USD14 million to strengthen cyber and critical technology resilience in Southeast Asia.^[^7]

At the legislative level, Australia continues to adapt to cybersecurity threats and challenges. Some of its legislation builds on the existing online regulatory framework established in the Enhancing Online Safety Act of 2015, which protects children and adults online. The Critical Infrastructure Bill also aims to amend the current critical infrastructure law. The bill will expand the protection over national infrastructure assets across 11 sectors, ranging from telecommunication networks and electricity grids to water and sewerage companies. This legislation will allow the Australian government to coordinate the management of networks in the event of a catastrophic cyber attack. Companies are also required to inform the government in case of an attack. These companies will now have to adhere to a stricter compliance and monitoring regime to ease concerns of foreign interference.

Today, Australian cyber security expertise is at the forefront of global developments in safety and security in cyberspace. The current cybersecurity policies of Australia encourage strong collaboration between the industry and the government. Initiatives like the Computer Emergency Response Team (CERT), a civilian cyber security non-government organization, served as part of Australia’s national incident response team for over 15 years. CERT helped share information, mitigate damage, communicate risk, and attribute attacks or malicious activities to their source.^[8] This prominence is supported by Australia’s proactive legislation, advanced law enforcement capability, rigorous policy development, and solid technical defenses.^[9] Australia also helped catalyze information sharing among its Five Eyes[10] alliance partners (i.e., the United States, United Kingdom, Canada, and New Zealand), and it helped organize cyber incident response across the Asia Pacific, where a majority of the world’s internet users currently reside.

Philippine Cybersecurity Strategy

To adapt to the changes in information and communications technologies, the Internet, and cyberspace, the Philippine Congress passed Republic Act No. 10844 in 2016, creating the Department of Information and Communication Technology (DICT). The DICT spearheaded crafting the National Cybersecurity Plan 2022 (NCP), launched in May 2017. It is a five-year plan to develop a cybersecurity infrastructure, including capability-building programs for all national agencies and local government units. In 2019, born out of the NCP, the Philippines launched the Cybersecurity Management System Project (CSMP) under the Department of Information and Communications Technology (DICT). This is the country’s national cyber intelligence platform designed to conduct information-sharing, monitor threats and protect critical national infrastructure. With the project, the DICT seeks to address immediate threats that government agencies potentially face.^[11]

At the legislative level, several bills related to cybersecurity have been passed into law: (1) the Access Devices Regulation Act of 1998, (2) the Electronic Commerce Act of 2000, (3) the Anti-Photo and Video Voyeurism Act of 2009, (4) the Anti-Child Pornography Act of 2009, (5) the Data Privacy of 2012, (6) the Cybercrime Prevention Act of 2012; (7) Republic Act 11930 or the Anti-Online Sexual Abuse and Exploitation of Children (OSAEC) Law, and most recently, (7) Republic Act 11934 or the Subscriber Identity Module (SIM) Registration Law.

These efforts show the government’s resolve to adapt to the changes brought about by cyber threats and challenges. Through these initiatives, the government is determined to address the urgency of protecting the nation’s critical infrastructure, networks, enterprises, businesses, corporations, and even individuals. However, the pandemic seems to have disrupted the momentum as society forced itself to adapt as quickly as possible to online migration of activities and services, giving lesser thought to developing cybersecurity services. Nevertheless, entering the new normal provides an opportunity for the government to realign its strategy on cybersecurity.

Philippines-Australia Cybersecurity Cooperation

As the Philippines and Australia endeavor to upgrade their partnership towards a comprehensive strategic partnership, cybersecurity can be one area it can focus more on. Like Australia, the Philippines can continue to work from existing cyber security policies as it moves towards a more potent cybersecurity strategy. As Australia published revisions of its cybersecurity strategy at the national and international level, the Philippines may also consider regularly reviewing and updating its cybersecurity strategy to keep pace with the constantly changing cyber landscape and its corresponding threats.

Specifically, the Philippines can provide data on the kinds of cyber attacks it experiences and establish information-sharing mechanisms with Australia to evaluate responses to these attacks in both countries. In this way, both countries will mutually benefit from having greater awareness of the types and trends in cyberattacks and craft solutions to prevent recurrence in the future. Collaboration with Australia in terms of sharing best practices in cybersecurity will significantly help the Philippines develop its cybersecurity system and infrastructure. Furthermore, with the demand for cybersecurity professionals in the Philippines, Australia can assist in training more cybersecurity experts who can help monitor and protect the growing critical information infrastructures in the country. In adopting these mechanisms, it is important to consider the values and principles shared by Australia and the Philippines regarding cybersecurity capability. A shared mindset on pursuing cybersecurity goals will help produce an enduring cybersecurity partnership and provide standards for evaluating each action.

Small but Crucial Steps

Adopting a cybersecurity strategy framework requires overcoming conceived assumptions and misunderstandings about the threat cyber attacks pose to society and the region. Recognizing the reality of cybersecurity threats is an important initial step in crafting policies and strategies to readily address them. With the cost and complexity of cybersecurity, having like-minded partners will help sustain a comprehensive cybersecurity strategy. Cybersecurity strategy and cooperation demand wide-ranging policies and responses that build on foundational knowledge and can adapt to changes when necessary. Although the idea of keeping up with cyber security threats can be overwhelming, taking small but crucial steps, such as bilateral cybersecurity cooperation, can make an impact in encouraging other states and promoting cyber resilience in the region.

Endnotes:

^[^1] This type of attack takes advantage of the specific capacity limits that apply to any network resources. The DDoS attack will send multiple requests to the attacked web resource – with the aim of exceeding the website’s capacity to handle multiple requests and prevent the website from functioning correctly. (Kaspersky. n.d. What is a DDoS Attack? – DDoS meaning. https://www.kaspersky.com/resource-center/threats/ddos-attacks)

^[2] Ransomware is a malware designed to deny a user or organization access to files on their computer. (Source: Checkpoint Software Technologies. n.d. What is Ransomware? https://www.checkpoint.com/cyber-hub/threat-prevention/ransomware/ )

^[3] INTERPOL. “INTERPOL Report Charts Top Cyberthreats in Southeast Asia,” January 22, 2021. Accessed via https://www.interpol.int/en/News-and-Events/News/2021/INTERPOL-report-charts-top-cyberthreats-in-Southeast-Asia

^[4] BBC News. “Philippines Elections Hack ‘Leaks Voter Data,’” April 11, 2016. https://www.bbc.com/news/technology-36013713

^[5] 2020 Cyber Security Strategy. “Department of Home Affairs Website,” n.d. https://www.homeaffairs.gov.au

[6] Australia’s International Cyber and Critical Technology Engagement Strategy aims to guide Australia’s practical international engagement across cyber and critical technology issues. Full text of the strategy can be accessed via www.internationalcybertech.gov.au.

^[7]Commonwealth of Australia, Department of Foreign Affairs and Trade, Australia’s International Cyber and Critical Technology Engagement Strategy (2021). ISBN 978-1-74322-553-0 Australia’s International Cyber and Critical Tech Engagement Strategy (PDF). Retrieved from https://www.internationalcybertech.gov.au/sites/default/files/2020-11/The%20Strategy.pdf

^[8] Smith III, Frank & Ingram, Graham. (2017). Organising cyber security in Australia and beyond. Australian Journal of International Affairs. 71. 1-19. 10.1080/10357718.2017.1320972. Retrieved from https://www.researchgate.net/publication/317022664_Organising_cyber_security_in_Australia_and_beyond/citation/download

^[9] Cybersecurity Opportunities in the ASEAN Region (2019). Australian Cyber Security Growth Network. The Australian Trade and Investment Commission website. Retrieved from https://www.austrade.gov.au/ArticleDocuments/3228/ASEAN-market-insights-Cyber%20Security.pdf.aspx

[10] The Five Eyes Intelligence Oversight and Review Council (FIORC), established in 2017, is composed of non-political intelligence oversight, review, and security entities of Australia, Canada, New Zealand, UK and the US.

^[11] Inquirer News. January 17, 2019. Israeli surveillance firm to build PH cybersecurity platform. Accessed December 26, 2022 via https://technology.inquirer.net/82783/israeli-surveillance-firm-to-build-ph-cybersecurity-platform#ixzz7b4XTXpP0

Sources:

The Financial Services Information Sharing and Analysis Center. “Navigating Cyber 2022 Annual Cyber Threat Review and Predictions.” FS-IAC, 2022.https://www.fsisac.com/hubfs/NavigatingCyber-2022/NavigatingCyber2022-TLPWHITE-FIN.pdf

SOPHOS. “The Future of Cybersecurity in Asia Pacific and Japan 3rd Edition.” A Tech Research Asia report sponsored by SOPHOS, March 2021. https://assets.sophos.com/X24WTUEQ/at/2hnbbjt7k7q55zn7xpxg9gsn/sophos-future-of-cybersecurity-apj-wp.pdf

Service Organization Control Radar. “Top 5 Cyber Attacks in the Asia Pacific (APAC) in 2021.” SOCRadar, December 28, 2021. https://socradar.io/top-5-cyber-attacks-in-the-asia-pacific-apac-in-2021/

Castillo, Christine Lisette. “Pursuing Regional Cyber Cooperation: Implications for the Philippines and the ASEAN.” National Defense College of the Philippines website. 2021. https://ndcp.edu.ph/epb-2021-07/

International Criminal Police Organization. “INTERPOL report charts top cyberthreats in Southeast Asia.” INTERPOL, January 22, 2021. https://www.interpol.int/en/News-and-Events/News/2021/INTERPOL-report-charts-top-cyberthreats-in-Southeast-Asia

Sy, Geronimo L. “Cybersecurity and Cybercrime: Philippine Perspective.” Department of Justice, n.d. https://doj.gov.ph/files/cybercrime_office/Cybersecurity%20and%20Cybercrime-Philippine%20Perspective.pdf

Balinbin, Arjay. “Philippines must work with neighbors to build cyber-resiliency — Kaspersky.” Business World, July 07, 2022. https://www.bworldonline.com/technology/2022/07/07/459598/philippines-must-work-with-neighbors-to-build-cyber-resiliency-kaspersky/

Google, Temasek and Bain (2020). e-Conomy SEA 2020 At full velocity: Resilient and racing ahead. Fifth edition. Retrieved on 22 September 2022 from https://www.bain.com/insights/e-conomy-sea-2020/

Trellix. (14 April 2022). Cyber Readiness in Asia Pacific Region: Australia, India & Japan. Retrieved on 22 September 2022 from https://www.trellix.com/en-us/about/newsroom/stories/perspectives/cyber-readiness-in-asia-pacific-region.html

FS-ISAC (2022). Cyber Trends and Threats in Asia Pacific Guidance for 2022. Retrieved on 22 September 2022 from https://www.fsisac.com/cyberthreatsapac

Check Point (2021) Ransomware Exploits and Supply Chain Attacks Lead the Cyber Trends in the First Half of 2021. https://pages.checkpoint.com/cyber-attack-2021-trends.html

Secure Connections (2022 March). Cybersecurity in the Philippines: Global Context and Local Challenges. The Asia Foundation. Retrieved from https://asiafoundation.org/wp-content/uploads/2022/03/Cybersecurity-in-the-Philippines-Global-Context-and-Local-Challenges-.pdf

Giray, John (2022 January 25). Philippine Cybersecurity Market. Market Intelligence. International Trade Administration. Retrieved on September 22, 2022 from https://www.trade.gov/market-intelligence/philippine-cybersecurity-market-0

Gonzales, Gelo (2019 January 16). DICT launches Cybersecurity Management System Project for gov’t agencies. Rappler News. https://www.rappler.com/technology/221115-dict-launches-cybersecurity-management-system-project-for-govt-agencies/

Australian Government Department of Home Affairs. “Australia’s Cyber Security Strategy 2020.” https://www.homeaffairs.gov.au/about-us/our-portfolios/cyber-security/strategy/australias-cyber-security-strategy-2020

Commonwealth of Australia, Department of Foreign Affairs and Trade, Australia’s International Cyber and Critical Technology Engagement Strategy (2021). ISBN 978-1-74322-553-0 Australia’s International Cyber and Critical Tech Engagement Strategy (PDF). Accessed 27 December 2022 via https://www.internationalcybertech.gov.au/sites/default/files/2020-11/The%20Strategy.pdf

Download PDF

CIRSS Commentaries is a regular short publication of the Center for International Relations and Strategic Studies (CIRSS) of the Foreign Service Institute (FSI) focusing on the latest regional and global developments and issues.

The views expressed in this publication are of the authors alone and do not reflect the official position of the Foreign Service Institute, the Department of Foreign Affairs and the Government of the Philippines.

Luzviminda N. Ventura is a Foreign Affairs Research Specialist with the Center for International Relations and Strategic Studies of the Foreign Service Institute.