Story

Pentagon to help Philippines vs hackers

 The US Department of Defense has vowed to help the Philippines defend itself against hackers, the Philippine Department of Foreign Affairs (DFA) said Thursday.

US Defense Secretary Leon Panetta said the Pentagon is now working to expand and improve the 2 countries' "joint intelligence, surveillance, and reconnaissance capabilities, and the ability to counter cyber-attacks."

Panetta issued the statement in the "2+2" meeting held earlier this week in Washington, D.C. between him, US Secretary of State Hillary Clinton and their Philippine counterparts Foreign Affairs Secretary Albert del Rosario and Defense Secretary Voltaire Gazmin, the DFA said in a press statement.

He made the vow even as the Department of Science and Technology revealed that distributed denial of service (DDOS) attacks on Philippine government websites continued this week following the defacing of websites allegedly by hackers from China.

The DFA also said that Clinton reiterated that the US will honor its obligations under the Mutual Defense Treaty amid the standoff in Bajo de Masinloc or Scarborough Shoal.

Clinton also urged claimant countries in the disputed Spratlys to clarify and settle their claims legally in accordance with international law, including the United Nations Convention on the Law of the Sea (UNCLOS), a move which the Philippines has been advocating.

Panetta said the US-Philippine defense pact "remains the cornerstone of our security relationship." He added that Washington is helping improve Manila's maritime capabilities with the transfer of a second high-endurance cutter this year.

He also said his government is "committed to a rules-based regional order that promotes viable and vibrant trade and the freedom of navigation."

In a separate at the Pentagon, Panetta agreed to strengthen Philippine-US cooperation on real-time information-sharing regarding Philippine maritime issues.

DFA Secretary del Rosario welcomed the US position on Philippine security concerns.

"The focal point for our cooperation is to build a minimum credible defense posture for the Philippines, and increase our capacity for territorial defense, maritime security, maritime domain awareness, and humanitarian assistance and disaster relief," he said.

He added that joint Philippine-US military exercises, which are aimed to ensure the interoperability of the 2 nations' armed forces, will continue to be a priority.

Hacktivist' reveals websites' weaknesses

Meanwhile, a Filipino "white hat hacktivist" on Thursday said he has found weakness in some Philippine websites that could be exploited by unscrupulous people.

The hacker who calls himself "Anonymous Butuan" said in a Facebook post that the Commission On Audit's [coa.gov.ph] webserver is running Microsoft IIS 5, which can now be easily bypassed.

"Please upgrade," he said.

He added that the website of the Department of Labor and Employment [dole.gov.ph] is vulnerable to the following attacks: blind SQL injection, XSS, and SQL injection.

"Please inform admin as soon as possible," he said.

He identified the DOLE webpages that could be easily attacked using the methods he mentioned.

He also posted a screenshot of the website with a message saying "Greetings from Anonymous Butuan!" to prove his claim.

"That was just a warning. I didn't do anything to their website. You can check it if you want," he said.

"Tutulong na lang sa gobyerno natin upang mas lalong maprotektahan ang kanilang mga websites," he added.

On Thursday night, "Anonymous Butuan" also posted links to more Chinese websites that have been defaced.

The websites include:

http://btdaj.baotou.gov.cn
http://www.hbfxb.gov.cn/home.html
http://www.hnlyrd.gov.cn/index.html
http://www.npswbb.gov.cn/DataBases
http://old.bjchp.gov.cn/xzfwzx
Beijing has yet to comment on attacks made on Philippine websites, as well as the retaliation made by Filipinos against Chinese government websites.