On Saturday, the Department of Energy’s (DOE) Government Energy Management Program (GEMP) website was hacked and defaced by a Manila-based hacktivist and greyhat group, exposing its weak cyber security and flawed software system.
According to the statement issued by DOE, they immediately took the system offline and closely coordinated with the Philippine National Computer Energy Response Team (NCERT) and the system's developer to address the vulnerabilities of the website.
The attack was initiated by DeathNote Hackers International, stating that their attack was a wake-up call for DOE. According to the group, the agency must immediately upgrade their security protocols; suggesting the implementation of stronger encryption, regular security audits, an updated software, and investing in advanced threat detection and response systems.
“If a group like DeathNote Hackers, who operate with limited resources and experiences compared to nation-state actors, can compromise your systems, it raises an alarming question: what could happen if Chinese hackers, who are known for their sophisticated cyber capabilities, decided to target you? Imagine the consequences,” the group stressed.
They added that DOE holds critical data and infrastructure that is vital to the everyday functioning of Philippine society. Hence, the issue must not be brushed aside, and be given immediate attention.
“Secure your systems before it's too late,” they concluded.
The DOE assured the public that they are currently exerting all efforts to restore the website to full operation at the soonest possible time. Better strategies will also be implemented to make their systems more resilient.
