Last Monday (Jan. 10), the Manila Bulletin (MB) reported that COMELEC servers have been breached.
The report states that attackers have downloaded over 60GB of data—including (but not limited to) network diagrams, IP addresses, lists of privileged users, domain admin credentials, passwords and domain policies, access to the ballot handling dashboard, and QR code captures of the bureau of canvassers with login and password.
A few hours after the MB released the article , the COMELEC issued a statement that they are verifying if their systems have indeed been compromised, and critiquing details of the report, claiming that the configuration files which include the usernames and PINs of Vote-Counting Machines have not yet been completed.
It has been 2 days since the report, but the COMELEC has yet to provide the public with the results of its investigation. Does this mean the COMELEC is still not equipped to detect and respond to cyber security threats six years after the 2016 “Comeleaks”?
The COMELEC cannot afford to simply be reactive to threats to the integrity of the elections.
It should have a holistic preventive approach to improving its cyber security from detection of cyberattacks, timely incident response protocols, and proper training and policy reviews.
There is no scarcity in the number of competent IT and security experts, advocates and organizations that the COMELEC can tap to ensure proper safeguards are in place.
We call on the COMELEC to release the results of its investigation on this alleged security breach to the public and take all possible measures to safeguard our vote.
We also call on the public to continue being vigilant and hold COMELEC to account in its mandate in conducting clean, fair, and safe elections.