The weaponization of cyberspace has unleashed new ways to disrupt a country’s digital infrastructure and erode its decision-making capabilities. During wartime, the internet becomes a vehicle for launching cyber-attacks and disinformation campaigns aimed at weakening an adversary’s resolve to fight. For instance, the Russian aggression against Ukraine showed cyber and information operations are combined with its kinetic counterpart to disable critical targets. In addition, Taiwan is proving to be another ominous battleground. Its government claims that it is experiencing 30 million online attacks per month. Combined with an elaborate disinformation campaign, these incidents are allegedly part of China’s gray zone warfare.
The Philippines is not exempt from this phenomenon. For instance, during the height of the COVID-19 lockdown, the Bangko Sentral ng Pilipinas (Philippine central bank) reported that they have received 42,000 complaints related to online digital transactions. While the government reported a 200% increase in cybercrimes during the first 6 months of the pandemic. Furthermore, a 2021 study by the cybersecurity firm Sophos estimates that 69% of the 159 surveyed Philippine companies have been victimized by ransomware attacks.
These insidious events underscore the need for the Philippines to adopt a proactive approach that is beyond the traditional cybersecurity concept. Achieving a credible cyber defense posture will require a strategic vision, the adoption of passive and active cyber techniques as well as building competent institutions.
Cyber Defense Posture: Active, passive strategies and the need to build institutions
A cyber defense posture is both strategic and holistic. It is a national security-oriented view that must go beyond the usual organization-based management of information systems (MIS) techniques like strong passwords, anti-virus protection through servers and firewalls among others. This simplistic view must be complemented by doctrines and plans that will articulate how the country views cyberspace and how it intends to protect it. This approach requires a whole of society strategy that can address emerging threats and mitigate the adverse impact of disruption and disinformation.
To start, Filipino defense officials and security planners must define the country’s cyber defense philosophy. This entails defining its long term view and the role of the State in protecting cyberspace. For instance, understanding the threat environment, its geopolitical landscape and the emerging digital trends will allow the country to better determine its requirements. This is where strategic foresight techniques will be useful.
The next step is to adopt active and passive cyber defense practices. Passive cyber defense (PCD) is mainly characterized by the strengthening of digital defenses. This usually entails that an organization’s MIS department has the adequate technical resources (i.e. Servers, firewalls, anti-virus software, etc.), practices (i.e. Cyber hygiene techniques, monitoring of digital resources, IT disaster recovery, etc.) and expertise to address cyber- attacks. PCD also includes mechanisms for reporting incidents, especially those that violate current laws. This is the reason why PCD is closely associated with cybercrimes.
In contrast, active cyber defense (ACD) is a proactive practice that adopts a whole of society approach. Its advanced form includes the development of cyber offense capabilities and expertise to address disinformation. Overall, ACD is intended to protect critical infrastructure, involves a wide range of stakeholders, and promote resilience as well as deterrence. Box 1 provides a snapshot of the components of a cyber defense posture.
In addition, the Philippines can learn from the experiences of countries like the US, the UK and Canada. I believe that these countries provide excellent examples on how to develop a credible cyber defense posture. Here are the common characteristics of the ACD programs of these countries: (a) Early Warning and incident notification: Cyber agencies are tasked with providing warnings about impending cyberattacks, the spread of malware, and misinformation through advisories and coordination; (b) Cyber security as a service: Cyber agencies provide services to government and the private sector. Examples of this service are the protection of its domain name server (DNS), quick reaction services to contain an attack, as well as the conduct of cyber training exercises among others; (c) Policy Advocacy: Develop digital policies that will foster the adoption of cyber security practices at all levels of society and (d) a roadmap of plans and activities: cyber agencies provide activities and milestones intended to enhance cyber readiness.
The operationalization of these capacities highlights the need for competent institutions. For this purpose, a dedicated agency is needed to oversee the country’s cyber defense posture. Aside from ensuring the MIS-level readiness of organizations, this agency will serve as a conduit for collaboration and information sharing between the public and private sectors. It should develop programs that will assess cyber readiness, provide advisories to the public, and respond to emergency situations. Finally, this agency or center must be capable of developing national policies and serve as a repository of best practices.
[Photo by Pete Linforth / Pixabay]
The views and opinions expressed in this article are those of the author.
Sherwin E. Ona, PhD is an associate professor and former chairperson of the department of political science and development studies of De La Salle University, Philippines. He is a senior fellow of the Philippine Public Safety College and the Stratbase-Albert Del Rosario Institute. Dr. Ona is also a module director and lecturer on cyber defense policies at the National Defense College of the Philippines. Dr. Ona is an auxiliary officer of the Philippine Coast Guard with the rank of Commander.
