MANILA — The Department of Information and Communications Technology (DICT) on Tuesday said it is helping the Bureau of Customs (BOC) investigate the recently discovered data breach against the agency.

In an interview with ABS-CBN News, DICT Undersecretary Jeffrey Ian Dy said it was the BOC’s help desk ticketing system and management information dashboard that were affected by the cybersecurity attack.

READ: Cybercrime up amid pandemic as cybercriminals ‘professionalize’: expert

These databases involved the personal information over 2,000 employees and 80,000 BOC customers, based on a report by cyber advocacy group Deep Web Konek.

“Information in the help desk ticketing system includes profiles of clients, and clients could either be importers, exporters or brokers, licensed customs brokers,” he said.

According to Dy, information on cargo movements and potentially even some trade secrets may have been compromised as well.

“May mga nagfo-float na mga information (Information has been going around) about movement of cargo because, if there are issues, you call help desk. It’s possible that some of this information could be classified as trade secrets by the private sector or by these businessmen and traders,” he added.

But since the investigation is still ongoing, Dy said they have yet to actually determine the extent of the hacking, how long it has been going on, and who was behind it.

He assured the public that the BOC’s main system was not infiltrated, and that both agencies are doing all they can to keep it that way.

“Focus now is to make sure na (that) the entire attack is contained to those particular systems which were affected at 'wag tamaan yung iba pang systems na sa ngayon ay safe (and that other systems that are currently safe are not affected). The main system is called the E2M or the Electronic to Mobile System. Hindi yun yung tinamaan (That was not hit by the hack),” explained Dy.

He also noted the possible consequences of a more widespread attack.

“Maraming naka-connect sa E2M. Naka-connect 'yan sa ASEAN single window, which connects all ASEAN countries. It’s like an advanced information system,” he added.

(Many systems are connected to E2M. They are connected to the ASEAN single window...)

Meanwhile, BOC spokesperson Jet Maronilla also told ABS-CBN News that the agency is continuing with its operations even amid the investigation.

“There is no disruption in BOC operations,” said Maronilla in an online exchange.

Moving forward, Dy again called on government agencies to heed the advice of the DICT National Computer Emergency Response Team whenever they detect vulnerabilities in their network and cybersecurity systems to prevent hacking incidents.

“'Yung mga issues na nakikita natin na tinamaan yung BOC, DOST (Department of Science and Technology), most of these naibigay namin sa kanila in advance e. Nasabi namin, may na-detect kaming vulnerability, baka tamaan kayo ng hacking,” said Dy.

(Most of the issues we saw when BOC and DOST were hit, we already called their attention in advance. We said we detected vulnerabilities that could be hacked.)

“Pagtuunan naman po natin ng pansin para dumating po yung panahon na mas kakaunti na yung mga ganitong atake,” he added.

(We hope they pay attention and address these so that attacks like this would lessen in the future.)

Just last week, the DICT also confirmed a cyberattack on the DOST which led to a significant data loss.