The statements come as the Comelec verifies a report that a group of hackers allegedly downloaded sensitive 2022-related data from its servers
Presidential aspirants on Tuesday, January 11, called on the Commission on Elections (Comelec) to ramp up its efforts to protect the 2022 elections from hackers.
The appeal came in the wake of a Manila Bulletin report that alleged a group of hackers downloaded 60 gigabytes’ worth of sensitive data that could impact the May 9 vote. The Comelec said it was verifying the report, although it questioned how hackers would have been able to steal data not yet available online.
The camp of Vice President Leni Robredo and her running mate Senator Francis Pangilinan were “alarmed” by the report and said they hope the poll body could confirm as soon as possible whether the hacking did occur.
“We ask the Commission to immediately take steps to ensure that this, or any other similar incident would not affect the integrity of the May 2022 elections,” the two said in a joint statement.
Senator Manny Pacquiao echoed the Robredo-Pangilinan tandem.
“We should know if the Comelec has a plan in place if our automated polling system is compromised,” he said in Filipino, adding that Congress should exercise its oversight powers in relation to Republic Act 8436 or the Automated Election Law.
Manila Mayor Isko Moreno, meanwhile, said the report underscores the need for the Comelec to affirm its commitment to clean and credible elections.
“We should ask the Comelec about what immediate action they would take in the event of hackers stealing sensitive and highly confidential information in the coming elections,” Moreno said in Filipino.
Senator Panfilo Lacson also urged the poll body to accept help from presidential aspirants’ cybersecurity experts in strengthening the Comelec’s security system.
“Only through transparency and accountability can we guarantee the integrity of the upcoming elections, he said.
The Manila Bulletin report claimed that among the data downloaded by hackers were “usernames and PINS of vote-counting machines.”
But Comelec spokesman James Jimenez said such information “still does not exist in COMELEC systems simply because the configuration files – which includes usernames and PINs – have not yet been completed.”
Jimenez also took note of the “scant substantiation” of the assertions made in the Manila Bulletin article, and invited the authors “to shed light on their allegations.”
White hat hackers?
In a television interview, Manila Bulletin tech editor Art Samaniego stood by the story they published and said the information came from white hat hackers who just wanted to expose the vulnerabilities of the Comelec servers.
“For us, this happened. We verified it. The screenshots are complete,” he said in Filipino. “That’s why we tried to verify it with the Comelec as to what happened. But we were left hanging.”
“White hackers have a warning. If Comelec and Smartmatic do not admit to this, they will release the data,” he added.
Samaniego also posted two versions of the broadsheet of Manila Bulletin released on Tuesday. The publication changed the headline of the piece from “Comelec servers hacked” to “Comelec verifying server hack.”
Two months before the 2016 elections, the poll body also grappled with a major hacking incident, with hackers leaking a voter records database online.
The scandal, now known as “Comeleak,” is considered the biggest leak of personal data in Philippine history, and among the biggest breaches of a government-held database in the world. – Rappler.com