Unauthorized access at the customs authority of the Philippines 

Cybersafetyconnections April 22, 2024, vol# 165

Unauthorized access at the customs authority of the Philippines 

• From Konbriefing there was a data breach at Bureau of Customs (BoC) / Kawanihan ng Adwana – Manila / Lungsod ng Maynila, Metro Manila / Kalakhang Maynila, Philippines  

• Customers and employees identifying information was breached. 

• Why it happened was because of compromised login credentials. 

• No cybercriminal group has claimed responsibility for the breach. 

• BoC took steps to mitigate loss from the data breach. 

What happened? 

Data Breach-A word cloud gathering 

Phillipines News Agency  reported that the Bureau of Customs (BoC) in the Philippines encountered a significant cybersecurity incident on April 7, 2024.

Who was impacted? 

People Group Crowd -Free vector 

According to this you tune video DICT working with BoC to contain cyberattack, limit data breach , Customers and employees were impacted by the data breach. 

Why did it happen? 

Your login credentials 

From the report we have, some of the BoC’s external cloud-based online applications were compromised through compromised user login credentials.   

Which cybercriminal group is responsible? 

Cybercrime Determinant 

The responsible cybercriminal group is not yet known. 

How did BoC Mitigate loss from data breach? 

OWASP Threat and Safeguard Matrix 

When the data breach happened, these were the steps taken by BoC to mitigate loss. 

• Upon discovering the breach, the bureau immediately implemented security protocols to contain and address the situation, including locking all compromised accounts and servers.  

• The IT team has been working to enhance security measures and prevent future breaches.  

• The BOC has reported this incident to the Department of Information and Communications Technology (DICT) and the Cybercrime Investigation and Coordinating Center (CICC). Both departments are actively involved in thoroughly investigating the matter¹ 

• As a precautionary measure, the BOC advises all stakeholders to: 

Change their login credentials’ passwords 

Report any suspicious activity related to their accounts¹.. 

• For further information or concerns, individuals can reach out to the dedicated support team at BOC-CERT@customs.gov.ph¹. Rest assured, the BOC remains committed to prioritizing the security of its systems and the privacy of its users¹ 

From Copilot, we have further preventive measures: 

Preventing data breaches is crucial for safeguarding sensitive information. Here are some best practices to enhance your organization’s cybersecurity posture: 

1. Conduct Regular Risk Assessments: 

• Regularly evaluate your organization’s information systems and processes to identify vulnerabilities, threats, and potential impacts of data breaches¹. 

2. Implement a Strong Cybersecurity Policy: 

• Develop and enforce a comprehensive cybersecurity policy that includes guidelines for secure practices, incident response plans, and employee training². 

3. Secure Data Disposal: 

• Properly dispose of sensitive data, including physical documents and digital files. Use secure methods such as shredding, wiping, or degaussing³. 

4. Data Encryption: 

• Encrypt data both in transit and at rest. Encryption ensures that even if unauthorized access occurs, the data remains unreadable without the decryption key³. 

5. Access Control Management: 

• Limit access to sensitive data based on roles and responsibilities. Implement strong authentication mechanisms and regularly review access permissions⁴. 

6. Employee Training and Awareness: 

• Educate employees about security best practices, phishing awareness, and social engineering tactics. Regular training helps prevent accidental data exposure⁴. 

7. Regularly Update Procedures: 

• Continuously review and update security procedures, policies, and protocols to adapt to evolving threats³. 

8. Monitor Network Traffic and Behavior: 

• Employ intrusion detection systems (IDS) and security information and event management (SIEM) tools to detect suspicious activities and anomalies⁵. 

9. Patch Management: 

• Keep software, operating systems, and applications up to date with the latest security patches. Vulnerabilities in outdated software can be exploited by attackers⁵. 

10. Incident Response Plan: 

• Develop a robust incident response plan that outlines steps to take in case of a breach. This includes communication protocols, containment, and recovery strategies². 
•  

Conclusion 

Remember that data breaches can have severe consequences, both financially and reputationally. By implementing these best practices, organizations can significantly reduce the risk of data breaches and protect sensitive information effectively. 

Subscribe to get the latest blogpost.