Special Report by Franzel Daleon, Corespondent
As the Philippines accelerates its digital transformation, cybersecurity has emerged as a critical concern.
The rapid shift toward online platforms has made the country a prime target for cybercriminals, and the situation has worsened in recent years.
With the rise in cyberattacks, both the government and private sectors are scrambling to stay ahead of evolving threats. From fintech companies to government agencies, no one is immune to the growing risk of cybercrime.
In recent reports, global cybersecurity firms like Kaspersky and Trend Micro have highlighted a sharp increase in cyber incidents, with over five billion attacks taking place daily. This surge in cybercrime includes a wide range of attacks, such as phishing, ransomware, and deepfakes — each growing more sophisticated and harder to prevent.
The Philippine National Police (PNP) Anti-Cybercrime Division has responded by enhancing its efforts, establishing cybersecurity desks across the nation’s police stations to provide immediate assistance in investigating cybercrime incidents.
The surge in attacks post-pandemic and the growing risks
The COVID-19 pandemic significantly accelerated the shift to digital services, including e-commerce, e-banking, and government transactions. While this transformation has been largely positive, it has also created more opportunities for cybercriminals.
Phishing and smishing attacks, in which fraudsters impersonate legitimate organizations to steal sensitive information, have become increasingly common. Distributed Denial-of-Service (DDoS) attacks have also increased, particularly during the “April Lulz” event, where local threat actors conduct cyber attacks throughout April.
A particularly troubling trend is the rise of AI-based attacks and deepfakes, which have been used in election-related disinformation campaigns and fraud schemes. According to recent research by Trend Micro, these tools are now more accessible and affordable, empowering criminals of varying skill levels to launch sophisticated attacks.
The Cybercrime Investigation and Coordinating Center (CICC) has warned that these threats are likely to escalate as the 2025 elections approach.
Ransomware attacks, which target businesses by locking critical data and demanding payment for its release, are another growing threat. Filipino companies are increasingly becoming prime targets for these kinds of attacks, with the country ranking among the top targets for ransomware in Southeast Asia.
According to cybersecurity experts, these types of attacks can cripple organizations, making it essential for companies to invest heavily in cybersecurity measures to protect their operations.
Strengthening cybersecurity with new laws and strategic plans
To combat these mounting threats, the Philippine government has taken significant steps to strengthen its cybersecurity framework.
The Department of Information and Communications Technology (DICT) has recently launched the National Cybersecurity Plan 2023-2028 (NCSP), a comprehensive strategy aimed at improving the country’s cybersecurity infrastructure.
This plan includes the creation of a National Cybersecurity Intelligence Fusion Center and a network of Computer Emergency Response Teams (CERTS) to handle cyber incidents effectively. The government’s proactive stance also extends to the private sector, with several key regulations put in place to improve security and accountability.
One of the most notable changes in cybersecurity law is the Data Privacy Act’s strengthened breach notification protocol, which now mandates businesses to report data breaches within 72 hours.
This new requirement significantly shortens the previous notification window and aims to enhance transparency and protect individuals whose personal information may have been compromised.
Additionally, laws like the Anti-Financial Account Scamming Act and the Internet Transactions Act have been enacted to further combat cybercrime, with organizations now legally required to notify authorities and affected individuals in the event of data breaches.
Fintech and innovation: Key drivers in enhancing cybersecurity efforts
Fintech plays a crucial role in strengthening cybersecurity efforts. Just recently, leading fintech firm GCash has partnered with the National Privacy Commission to launch a data privacy campaign that’s aimed at educating millions of users and ensuring they are complying with the Data Privacy Act (DPA).
Meanwhile, the industry’s adoption of advanced technologies such as artificial intelligence (AI), blockchain, and machine learning is helping to detect and prevent cyber threats more effectively. AI, for instance, is being used to identify patterns of suspicious activity, while blockchain ensures the integrity of financial transactions. These innovations not only help safeguard digital assets but also foster trust in the country’s growing digital economy.
Despite these advancements, cybersecurity experts warn that the threat landscape continues to evolve rapidly. While much focus has been on external cybercriminals, insider threats, where employees or contractors exploit access to sensitive information, are also on the rise.
As such, companies are placing greater emphasis on training employees to recognize potential threats and implement best practices for safeguarding data. Cybersecurity experts have long argued that human error remains one of the weakest links in the security chain, and mitigating this risk is crucial to keeping systems secure.
The Philippine government’s efforts to tackle cybercrime are critical, but they will only succeed if accompanied by a broader culture of cybersecurity awareness. It’s not just businesses and government agencies that need to act; everyday citizens must also take responsibility for their online security. Simple measures such as using strong passwords, enabling multi-factor authentication, and avoiding suspicious links can go a long way in reducing personal vulnerability to cyber threats.
As the country continues to grapple with the complexities of cybersecurity, the collaboration between the government, private sector, and individual Filipinos will determine the nation’s ability to protect its digital future. With an increasing number of regulations and heightened awareness, the Philippines is making strides in creating a more secure cyberspace.
However, as cyber threats grow in both scale and sophistication, the fight against digital crime is far from over. Success will depend on the continued commitment to innovation, education, and vigilance from all corners of society.