Prelude to ROOTCON: The state of Philippine hacktivism

Earlier this year, several Philippine government websites were hacked, including those of the Philippine Nuclear Research Institute (PNRI), the Professional Regulation Commission (PRC), the Food and Drug Administration (FDA) and the National Disaster Risk Reduction and Management Council (NDRRMC). Even the Office of the Vice President’s own website was not spared from hacking. Certainly, the actions of the international “hacktivist" group Anonymous —famous for its support of WikiLeaks and for its attacks on high-security brands like Mastercard, Visa, and Paypal— have spurred the rise of local hacker groups which, at least on the surface, seem to support such cause-oriented hacking. Anonymous’ actions directly inspired the hacks on Philippine websites by the local group Philker, admitted its leader, “n1trob". On the heels of Anonymous and LulzSec “It was a trend started by Anonymous and LulzSec. It wasn't our objective to do hacktivism. More of it was due to the interest of knowledge and sharing it to the next generation and beyond," n1trob explains. Philker says on its Facebook fan page: “Yes, ironic as it gets, we’re campaigning for national security. We broke in to your websites, defaced your pages, made chicken feed out of your computer specialists, and we are asking for security. For those who still don’t get it, we are simply showing you how low the quality of your security is; not to threaten you, but to give you a little heads-up." Another emerging group, named PrivateX or PribadoX, declares: “One Truth Prevails". Their attacks are focused on what they see as corrupt local government institutions. PrivateX usually defaces pages with the text , "Nothing was harmed except your integrity... Corruption, lack of education, and lack of opportunity." But several Philippine business websites have also been targeted by local hacker groups —not because of corruption, but apparently simply because there were security flaws that could be exploited. There have also been incidents of fighting between groups: Just this August, the members of AnonPH, through a project they called “#Operation.Sineskwela," exposed a huge list of names of hackers whom they labeled as “script noobies", calling them out for supposedly hacking on the pretense of campaigning for better security. Where’s the “hacktivism" in all of that? Young hackers after learning “wuub," who claims to be a Cebu-based member of Anonymous, believes that these local attacks are just child’s play, the work of “script kiddies" —inexperienced programmers who study the work of more adept hackers for their own hacking attempts. “These efforts are nothing compared to what the larger Anonymous has done," wuub explains. JC Ricaro, who claims to be a member of Philker, admits that he is just a “young learner" and is glad to be part of a group that shares ideas on information security. “This is where I can find people who I can relate to," he says. Apparently, many local hackers are after learning. How does web security work? What are the flaws? And how do you address these flaws? Mostly, the last question is left for the web administrators and companies’ in-house computer specialists to answer. Valuable insights for government Despite still being in its nascence, the actions of local hacking groups may prove valuable to government agencies. “There are constant attacks at present with nothing to steal yet, [but] the government can learn from it and they [can] focus on the security of their websites or systems before going ‘online’," wuub says. And this is why events like the annual hacker conference ROOTCON —the fifth of which will be held in Cebu on September 9 and 10— are important: its co-founder, Ederlindo Cojuangco III, has repeatedly said that the event is a neutral ground for white hats, black hats, grey hats and other security professionals. He stresses that ROOTCON is not an underground organization or movement, but a completely above-board event attended by a community of free-thinking individuals. “Our main objective is simple – Promote Security Awareness," Cojuangco emphasized. — TJD, GMA News Fleire Castro is a Cebu-based certified blog entrepreneur and inbound marketing professional. She heads Third Team Media, a digital agency specializing in providing assistance for international and local small and medium enterprises in their social media marketing campaigns, and will be attending the 2011 ROOTCON.