In a time when digital platforms are widely utilized, a series of emerging threats to our sensitive personal information are evident but unknown to many—making everyone a potential victim in the digital space.
Did we ever wonder how popular social media sites such as Facebook, Twitter, and Instagram sustain their operations with a free-to-use business model? How did a small social network initially made for Harvard students become one of the world’s most-used platforms? The internet today has become a place where everything is free but at the cost of our privacy and sensitive information.
Personal data, perhaps the most important piece of information we humans possess, is now used by big companies and cybercriminals to gain money without us being aware. Through seemingly simple data such as age, gender, and nationality, social media users become a tool for developers and hackers to exploit one’s data to their own advantage.
In early 2018, Christopher Wylie, an employee from the now-defunct British political consulting firm Cambridge Analytica, revealed that the data firm had improperly obtained data from around 87 million Facebook users, which was used for political advertising and voter profiles. This incident became the company's biggest scandal that led to a $5 billion fine in the United States Federal Trade Commission. Then-US President Donald Trump was also linked to this issue as his 2016 campaign team approached Cambridge Analytica for political ads.
Aside from documented data breaches and cybersecurity threats, isolated cases can occur daily. This is done through Social Engineering—a manipulation technique that exploits human error to gain private information, access, or valuables as defined by Kaspersky, Inc. With the speed of technological advancements, ordinary people are unaware of such threats which leave them vulnerable, especially with the shift to digital platforms.
So, how is this relevant to the country? The Philippines has been deemed the social media capital of the world. According to data from October 2021, the country has around 90.5 million users which makes up around 85% of its total population. And with this reality comes the existence of cybersecurity threats that endanger the very fabric of the country’s digital landscape and economy today.
Local data breach incidents
In the Philippines, government-secured data has been a frequent target of several data breaches.
In 2016, the Commission on Elections had a massive data breach of about 55 million voters’ information which was easily available on the website wehaveyourdata.com—a now inaccessible website. The same incident was reported in January 2022, however, COMELEC claimed that hacking did not take place. Meanwhile, in March 2021, a United Kingdom-based security firm TurgenSec flagged 345,000 sensitive legal documents from the Office of Solicitor General that were made available online.
On the other hand, private institutions are not safe from data breaches as S&R Membership Shopping reported a data breach where 22,000 customers were affected. Just before Christmas, approximately 700 account holders from Banco De Oro (BDO) were affected by unauthorized transactions to a certain “Mark Nagoyo,” which led to ₱25,000 to ₱50,000 losses per account. About five individuals were liable for the hacking while BDO compensated their affected customers.
These cyberattacks have only prevailed during the pandemic, mostly affecting small and medium-sized businesses (SMB). According to Cisco, Inc., 57% of SMB’s had experienced cyberattacks that mostly led to customer data theft. Most of the cases were connected to phishing and unsecured personal devices of employees.
Incidents like these are proof that institutions in the Philippines, especially government offices, lack the capability of handling data breaches. In a study conducted by Kaspersky, Inc. in Q2 of 2019, the Philippines was ranked fifth among the countries which are vulnerable to cyber attacks. A proper recalibration of cybersecurity in the country is much needed especially when most data are being digitized.
How can we stay safe?
As data becomes one of the most profitable pieces of information in the digital space, we must keep ourselves safe from cybersecurity threats. In a time when people and institutions utilize the internet and the digital space daily, cybercrime incidents will always be inevitable and could lead to huge losses, especially financial ones.
When using social media platforms, it is always important to give as minimal data as possible to avoid instances of data breaches. We should always be mindful of online transactions, especially those that are too good to be true. Even with strong cybersecurity measures, millions of data are stolen yearly, with these statistics only seeing a noticeable increase during the global COVID-19 pandemic.
While cybersecurity experts claim that there is no guarantee of safety online, the government should step up the nation’s cybersecurity capabilities and laws that can protect its citizens in large-scale or isolated attacks.