Gp Capt Ajey Lele (Retd.) is Deputy Director General at the Manohar Parrikar Institute for Defence Studies and Analyses, New Delhi. Click here for detailed profile.
A controversial political leader, Rodrigo Duterte, has won the recently held presidential elections in The Philippines. He had undertaken an extremely inflammatory campaign, propagating draconian measures for handling issues related to drugs and crime. This 71-year-old leader, who has been a long-time mayor of the southern city of Davao, had used highly filthy and cuss-filled language during the election campaign. Although he spoke against laws on human rights and abused the Pope, he still won with a large popular support. Because of Duterte’s maverick approach and obvious comparisons with the US Presidential hopeful Donald Trump, media attention during this election remained focused more on various theatrics.
Now, after the heat and dust of the election is over, it is important to analyse a few issues that did not receive adequate attention during the campaign phase, but which are vital not only from the perspective of The Philippines but globally as well. One such issue is cyber-attack on the database of The Philippines Election Commission. This attack is considered as the worst ever government data breach anywhere in the world.
The leakage of data began on March 27, 2016. Immediately, the Commission on Elections (COMELEC) reported that it was limited to the hacking of its website and not the entire electoral database. COMELEC is responsible for all website-related operations including security. Subsequently, it became evident that almost all the records were compromised, causing significant damage. The hacking was carried out in phases. First, the website was hacked and, subsequently, the database was mined and the information leaked. The job was done not by one but multiple hacking groups. The following appears to have got compromised:
Information relating to approximately 55 million registered voters such as names, dates of birth, addresses, Voter Identification Numbers (VIN), etc.
1.3 million records of overseas voters, known as Overseas Filipino Voters (OFV). The stolon data included their passport details too.
Details of all candidates participating in the election.
Old records from 2010 onwards, including 15.8 million records of fingerprints.
Immediately after the data was stolen it was made available on the internet. The basic question that arises after such a massive cyber-attack is this: who were the perpetrators of this attack and what could have been their motive?
Some agencies with technical expertise have attempted to decipher this attack. Their immediate conclusion was that the election commission had not taken adequate measures to ensure security. On March 27, the COMELEC website got hacked by a group called Anonymous. Subsequently, a second group of hackers, which calls itself LulzSec Pilipinas, also penetrated the Commission’s systems and stole the entire database. This group made its catch public by posting the links to index of files (downloadable) and archival database. Luckily, it appears that none of the information stolen (and made available on the internet) has been used for purposes like manipulation of bank accounts of individuals, etc.
The attack appears to be an act of hacktivists looking to embarrass the election commission. Normally, hacker groups like Anonymous and LulzSec are known to operate not for gaining profit from such acts but to shame agencies by proving that they are careless about data protection. Some hacktivist groups are known to be active for the last couple of years with such a self-imposed mandate and they often break into computer systems and networks mainly for political or social reasons. For the last few months, Anonymous has also been creating cyber hurdles to the US Presidential hopeful Donald Trump. It had attacked his website in January 2016. It has also been after the terrorist organization ISIS, particularly after the Paris attacks and has been trying to interfere in the latter’s virtual world. Hackers have also attacked the BBC website in the recent past. One of the most discussed information leaks in recent weeks has been that of the Panama law firm Mossack Fonseca, from which the financial documents of many known global names were obtained through a computer hack. More than 11 million documents have been released in this connection. In general, the hacker community could involve a group of trained individuals, people with business interests, or emotionally-charged teenagers keen on improving society.
Unfortunately, such hacktivist groups do not understand that their efforts to create awareness and punish miscreants could also provide readymade inputs to the people who could use misuse the information thus made available. Their intentions may be honourable but their activities are illegal.
The COMELEC hacking in The Philippines should not be downplayed only as an overenthusiastic act by a hacker community. In June 2015, the United States Office of Personnel Management (OPM) was hacked and approximately 21.5 million records were stolen. It is not clear who was behind this breach. Some analysts are of the opinion that the Chinese military could have been responsible for this act. Presently, there is a strain in China-Philippines relations owing to their rival claims to parts of the South China Sea. At present, the South China Sea dispute could be considered as one of the most sensitive multi-party disputes and every state is suspicious about Chines intensions.
What could be the reasons for the cyber-attack in The Philippines? Should the claims of the hacktivists be taken at face value? Was the intention for this attack limited to highlighting cyber vulnerabilities or was hacktivism used as a cover for some other cause? Was it an attempt to sabotage the election process in one of Asia's fastest-growing economies? That the entire process of the election did not get hampered because of this cyber-attack indicates that COMELEC had some form of redundancy mechanism in place, which is a good sign. The major challenge for COMELEC was to ensure that no tampering with the voting mechanism occurred. COMELEC had also restored its website within a day’s time after the initial attack. However, the attack indicates that the process of upholding democratic elections could be challenged by using the cyber route and democracies need to have a strong cyber security mechanism in place for the smooth conduct of elections.
Views expressed are of the author and do not necessarily reflect the views of the IDSA or of the Government of India.
Cyber Menace and Elections in The Philippines
More from the author
A controversial political leader, Rodrigo Duterte, has won the recently held presidential elections in The Philippines. He had undertaken an extremely inflammatory campaign, propagating draconian measures for handling issues related to drugs and crime. This 71-year-old leader, who has been a long-time mayor of the southern city of Davao, had used highly filthy and cuss-filled language during the election campaign. Although he spoke against laws on human rights and abused the Pope, he still won with a large popular support. Because of Duterte’s maverick approach and obvious comparisons with the US Presidential hopeful Donald Trump, media attention during this election remained focused more on various theatrics.
Now, after the heat and dust of the election is over, it is important to analyse a few issues that did not receive adequate attention during the campaign phase, but which are vital not only from the perspective of The Philippines but globally as well. One such issue is cyber-attack on the database of The Philippines Election Commission. This attack is considered as the worst ever government data breach anywhere in the world.
The leakage of data began on March 27, 2016. Immediately, the Commission on Elections (COMELEC) reported that it was limited to the hacking of its website and not the entire electoral database. COMELEC is responsible for all website-related operations including security. Subsequently, it became evident that almost all the records were compromised, causing significant damage. The hacking was carried out in phases. First, the website was hacked and, subsequently, the database was mined and the information leaked. The job was done not by one but multiple hacking groups. The following appears to have got compromised:
Immediately after the data was stolen it was made available on the internet. The basic question that arises after such a massive cyber-attack is this: who were the perpetrators of this attack and what could have been their motive?
Some agencies with technical expertise have attempted to decipher this attack. Their immediate conclusion was that the election commission had not taken adequate measures to ensure security. On March 27, the COMELEC website got hacked by a group called Anonymous. Subsequently, a second group of hackers, which calls itself LulzSec Pilipinas, also penetrated the Commission’s systems and stole the entire database. This group made its catch public by posting the links to index of files (downloadable) and archival database. Luckily, it appears that none of the information stolen (and made available on the internet) has been used for purposes like manipulation of bank accounts of individuals, etc.
The attack appears to be an act of hacktivists looking to embarrass the election commission. Normally, hacker groups like Anonymous and LulzSec are known to operate not for gaining profit from such acts but to shame agencies by proving that they are careless about data protection. Some hacktivist groups are known to be active for the last couple of years with such a self-imposed mandate and they often break into computer systems and networks mainly for political or social reasons. For the last few months, Anonymous has also been creating cyber hurdles to the US Presidential hopeful Donald Trump. It had attacked his website in January 2016. It has also been after the terrorist organization ISIS, particularly after the Paris attacks and has been trying to interfere in the latter’s virtual world. Hackers have also attacked the BBC website in the recent past. One of the most discussed information leaks in recent weeks has been that of the Panama law firm Mossack Fonseca, from which the financial documents of many known global names were obtained through a computer hack. More than 11 million documents have been released in this connection. In general, the hacker community could involve a group of trained individuals, people with business interests, or emotionally-charged teenagers keen on improving society.
Unfortunately, such hacktivist groups do not understand that their efforts to create awareness and punish miscreants could also provide readymade inputs to the people who could use misuse the information thus made available. Their intentions may be honourable but their activities are illegal.
The COMELEC hacking in The Philippines should not be downplayed only as an overenthusiastic act by a hacker community. In June 2015, the United States Office of Personnel Management (OPM) was hacked and approximately 21.5 million records were stolen. It is not clear who was behind this breach. Some analysts are of the opinion that the Chinese military could have been responsible for this act. Presently, there is a strain in China-Philippines relations owing to their rival claims to parts of the South China Sea. At present, the South China Sea dispute could be considered as one of the most sensitive multi-party disputes and every state is suspicious about Chines intensions.
What could be the reasons for the cyber-attack in The Philippines? Should the claims of the hacktivists be taken at face value? Was the intention for this attack limited to highlighting cyber vulnerabilities or was hacktivism used as a cover for some other cause? Was it an attempt to sabotage the election process in one of Asia's fastest-growing economies? That the entire process of the election did not get hampered because of this cyber-attack indicates that COMELEC had some form of redundancy mechanism in place, which is a good sign. The major challenge for COMELEC was to ensure that no tampering with the voting mechanism occurred. COMELEC had also restored its website within a day’s time after the initial attack. However, the attack indicates that the process of upholding democratic elections could be challenged by using the cyber route and democracies need to have a strong cyber security mechanism in place for the smooth conduct of elections.
Views expressed are of the author and do not necessarily reflect the views of the IDSA or of the Government of India.
Related Publications