Gaano ka-grabe yung pagkaka-hack sa Philhealth? Watch our episode with data scientist and cyber security expert Dominic Ligot

Video Transcript / Subtitles:( AI generated. About AI subtitles » )

* AI ("Artificial Intelligence") subtitles on Tagalog.com are generated using "Whisper" by OpenAI (the same company that created ChatGPT and DallE2). Results and accuracy may vary.
* The subtitles do include errors occasionally and should only be used as a tool to help with your listening practice.
* You can request this website to create a transcript for a video if one doesn't already exist by clicking the "Request AI Subtitles" button below a video. Transcribing usually takes 30-40% of the length of a video to complete if there are no other videos in the queue. For example, a 21 minute video will take 7-8 minutes to transcribe.
* Running a super fast cloud GPU server to do these transcriptions does cost money. If you have the desire and financial ability, consider becoming a patron to support these video transcriptions, and the other tools and apps built by Tagalog.com

🎧 Intro Music 🎧

Good evening guys! Welcome to tonight's episode ng ating Facts First Podcast. Ako po si Christian Esguerra. Maraming maraming salamat po sa patuloy ninyo pong pagsuporta dito po sa ating programa.

So today is October 5 para mahina yata internet ko. Ayoko na idiretso rito sa naka wifi ako. Ayoko na ikonect directly rin sa LAN dahil baka mawala yung camera ko. Magka problema na naman.

Anyway, iraos natin ito. Pag-uusapan po natin may kaugnayan sa cyber security. So I suppose nabaritaan nyo po yung nangyari sa Philippine Health Insurance Corporation o PhilHealth.

So di ba sinabi ko nabiktima sila sa PhilHealth? Actually tayo yun. Kasama tayo dun. So tayo po basically nabiktima nitong hacking incident, yung tinatawag na ransomware attack.

Ang salary ng mga hackers ang pangalan Medusa. So papa-explain po natin sa ating ekspertong guest ngayong gabi kung gano bakat hindi itong efekto nitong nangyaring ransomware attack dito po sa PhilHealth.

And of course, ang latest po ay naglabas na po ng ilang mga data yung mga hackers dito po sa tinatawag na dark web. Basically na-expose na po yung ating data dyan po sa dark web. So ano po implications nya? Napakaseryoso po itong usapan natin ito.

So kayo mga troll, quiet muna kayo. Hindi naman political ang pag-uusapan natin. Pag-uusapan natin dito, apektado lahat. So kayo mga troll dyan, I suppose cover din kayo ng PhilHealth. Yung mga bulag na loyalista, so habok pa rin kayo ng PhilHealth or nasa PhilHealth kayo. So makinig lang kayo, pag-aralan natin itong issue.

So, sa program again, si Mr. Dominic Ligot siya po yung founder ng Data Ethics PH. Isa po siyang data scientist at the same time cyber security expert. Magandang gabi Doc, docon nickname niya. Maraming salamat for joining us.

Ano ba yung nangyari? Mukhang ransomware tayo. Actually pwede ko i-connect. Actually pwede ako mag-reconnect kagamit dito yung LAN cable para malinaw ako. Pero lalabas ako dito sa studio. Pero magsarita ka lang. Okay lang ba yan?

Yeah sure, no problem. Hanggang hindi ako bumabalik. Mabilisan ito. Siguro mga 3 oras lang. Siguro mga 15 seconds. Okay. Papa-explain ko lang muna sa iyo Doc. So basically ano ba yung nangyari? Ano ba yung nangyari dito sa PhilHealth? Yung tinatawag na ransomware attack? Go.

So basically it's a cybercrime group. Marami na silang victim na mga companies at global sila. Hindi lang sila focus dito sa Philippines. PhilHealth obviously yung pinaka-recent victim nila. Pero parang gawain talaga nila, mag-hack talaga ng mga companies na actually kung base sa mga pagsusuri namin, yung mga companies na victim nila before.

So alam mo itong mga hackers na ito kung titignan mo yung mga galawa nila, on the one hand talagang they're really in it for the money. Talagang nag-ransomware sila para kumita. But on the other hand, and again I'm not approving their work by any means.

So maraming mga conditions that could have led dito sa PhilHealth hack na ito. In my opinion, sana na-avoid natin kung sana proper precautions were made.

I don't know whether they should click the link or not. Actually you should not click the link. Can I be very clear? Kasi ano yan, product yan of a cyberattack and kung mahuhuli ang kahit sinuman na may possession ng data na yan, that can constitute a cybercrime.

It's a crime. Okay. Sige. Exfiltrated data yan. Di mo dapat ginagalaw yan.

So maraming silang natira. And these are companies all over the world. So mukhang global group. Di lang sila base sa Pilipinas. And maraming mga grupong ganyan actually. Mga naghahanap ng mga mabibiktima. And baka later pag-usapan natin ano ba yung mga possible scenarios kung paano nila nahanap itong PhilHealth.

Medyo excited ako dyan. Pero ilatag lang muna natin kung gano'ng kavicious itong grupo na ito. As far as yun o gano'ng katagal na ba sila nag-cooperate?

Yung mga nagbayad, most likely may mga syempre hindi namin sinuri lahat. You can always interview yung mga kaso na yung naka-exposed lang doon yung mga apparently hindi nagbayad. Tapos nakalabas yung data nila.

Ang point ko naman dito, kung magbayad man ng company. Kunwari lang PhilHealth, although hindi nagbayad ng PhilHealth. Ano naman assurance nung hinack na company?

Wala kang assurance. Pwede nga labas pa rin nila. And I think that's also part of pag-usapan din natin yung mga naging reaction din ng PhilHealth leading to the disclosure.

It's possible na nagbobluff yung hacker. Call yun ng company whether you entertain these hackers or not. Tsaka in a way, sa prinsipyo lang, kung ina-honor mo yung ransom, in a way, ina-encourage mo rin yung activity na yan kasi pinagkakita ka kayo.

Pero yung tradeoff yan, paano kung totoo? Kasi minsan threat lang yan. You might actually even receive mga spam emails, ako nakakatanggap din ako noon, na may mag-threaten sayo, nakita ko yung mga videos mo, mga photos mo, nagbabakasakali lang, padalan mo ako ng X number of dollars on whatever bitcoin to this address, kundi ilalabas ko lahat ng mga photos mo. Marami rin naloloko sa ganyan kahit hindi totoo.

Q1. Ano naman yung tinatawag na dark web? Kasi diba they started publishing data hacked from PhilHealth dito sa tinatawag na dark web. Ano naman to?

I remember reading, that's only maybe 10% at most or 20% ng totoong internet. The rest of the internet, malalim yung dark web. Yung dark web, internet din siya pero yung mga URL niya hindi mo ma-access normally. You need a special browser, kunyari may tinatawag silang Tor na browser na na-access niya yung mga special URLs.

Yung website lang din siya, hindi lang siya accessible via the normal means. Tapos kaya siya tinatawag na dark, bukod sa hindi mo siya makikita normally, marami rin mga karumal-dumal na nangyayari dyan. May mga nagbibenta ng drugs for example or may mga websites where mga hitmen. I don't want to excite people too much kasi you should not really be on the dark web to be honest.

Pinupost nila yung mga, I guess yung mga bounty nila. Oto, merong listahan. Actually, nakailang Philippine datasets na rin na-post dyan eh. If I'm not mistaken, meron pa ng NBI dataset, the AFP dataset, the Comeleek dataset. Pinupost dyan ng mga hackers for the highest bidder.

Ang common na natatransact dyan, usually anything related to finance. Mga credit card numbers, maguro na-download nila somewhere, bibenta nila. Mga $1 per credit card. Kasi hundreds of thousands, sometimes even millions of credit card numbers. Malamang karamihan, hindi gagana. Pero kung niyari, maka-bing with ka kahit isa o dalawang credit card, bawi man yung cost ng buong dataset na binili mo.

So yan, ganyan ang galawan sa dark web. It's not a place for anyone to go, pero it exists.

Maraming kademonyohan pala nangyari dyan sa dark web. Eto, puntahan natin, PhilHealth, gobyerno, papano man mahahack? Papano nahack as far as you know itong PhilHealth?

Okay, syempre may official investigation dapat mangyari dyan. But just to give you some scenarios, again, I'm not saying this is exactly how it happened. Number one, yung encryption ng mga websites ng government. Mahina ang government in general dyan.

Second, yung tinatawag nating mga passwords ng mga tao. Very common pa rin tayong, I mean in our case, may mga nakikita pa rin kami mga cases where yung username admin, yung password admin123. I mean, di ba? Kung ganyan ang password mo, paano magulat kung tatamaan ka?

Something a bit more complex. And ito, this is a common vector. Noong pandemic kasi, syempre hindi ka makapunta sa office. Maraming mga companies, yung ginawa nilang setup ng IT nila is you can access your office PC remotely.

Kunyari sa Windows may tinatawag na remote access. Actually, it's not very safe to do that kasi parang in-expose mo na yung, parang binuksan mo yung gate ng bahay mo, welcome, I'm open. Maraming mga companies yung gumawa na. I'm not saying PhilHealth did that pero that's a potential vulnerability na pwede makita lalo na kung Windows yung computer mo, nakabukas yung tinatawag nilang RDP port.

Makikita ka agad ng hacker yan. Huwag niyong gagawin yan kasi there are more, I guess, secure ways of doing that. Kunyari mga VPN where pwede ka mag-login sa network ng IT ninyo sa office remotely. Secure yun, encrypted yun. Pero yung bubuksan mo lang yung RDP port, kitang kita agad yan, and pasok na yan.

So i-combine mo. Nakabukas yung RDP port mo tapos yung password mo admin123. Again, I'm not saying that's what happened but that would be one of the first things I would look. And then another thing din yung...

Wait TukTuk before you proceed mo. Yung RDP port in layman's term, ano yan?

Okay, so merong function kasi sa Windows. Ano to feature, hindi to bug, yung tinatawag nilang remote desktop protocol na RDP where literally you can access another computer with a computer parang using yung port na yan. Parang ka nag-login sa second laptop mo using your one laptop.

Normally, the safer way to use that is within a network. Ninyari, sa bahay mo, meron kang computer sa ibang floor, accessing mo sa baba. For some reason, you wanna do that. Or usually, it's in the context of transferring files.

Para mabilis.

Mabilis ng network. Pero pwede mo rin gawin yan in the internet. Ninyari, nasa bahay yung computer mo, tapos nasa wherever, sa ibang lugar ka. Or baliktad, nasa office yung computer mo, sa bahay ka, nakabukas yung port na yan, maka-login ka.

Pinag-usapan din natin ito in another context, yung IP address. Pag alam mo yung IP address ng bahay mo or ng office mo, you can log in, haharapin mo nalang yung computer IP and then you can log in.

As I said, that's dangerous kasi anything na kahit hindi mo sinabi yung IP address mo, meron ginagawa yung mga hacker na common method where you can scan mga ports. Tawag nila port scanning.

And random lang yan. Magrarun lang sila ng program. Maghahanap lang yan ng mga random IP. Tapos pag may nakita sa lang, ops, merong bukas na port, yari ka. Kasi that means it's an attack waiting to happen.

It's a common practice na nakabukas yung database sa internet. For, I don't know, automation purposes, kunyari gusto mong i-access sya remotely or maybe may dalawang, what you call this, may dalawang systems na gusto mag-usap and they're located in different locations.

The challenge lang talaga dyan is kung may combination ka of nakabukas yung port tapos pangit yung password mo, super daling hulaan, you're really asking for trouble. That's another thing.

And then I was about to get to this. This is a more common problem. Yung mga unsecure emails. For example, may spam ka na receive, mga phishing, tawag dyan phishing. Yung mga simple na phishing attack, literally tatanungin ko lang.

Kaya makatanggap ka ng email, kunyari sakin, from Doc Ligot, Christian Esguerra, oh hey Christian, padala mo naman sa akin yung password at username ko kasi nakalimutan ko. Actually, it didn't come from me. Pwede mo kasing ispoof yung mga email na yan. Nakala mo galing sakin, but actually iba yung email address. That's the simple version.

This is a more complicated version. Again, this is another thing I would immediately check. Baka may attachment, kunyari PDF file, whatever, pero hindi talaga siya PDF file. Kunyari lang, pag clinic mo siya, actually it's a program and that creates a vulnerability na sa network mo. Can be many things. Pwedeng huguti niya lahat ng credentials ng computer mo, papadala niya sa hacker kung nakaconnect yung computer mo sa internet.

Probably, this is probably connected. It can open yung port na yan. So baka originally wala pala siya, nakasara pala siya, pero may clinic kang attachment, literally bubuksan niya yan at malalaman na agad ng hacker, oh may nakabukas ng ating booby trap, puntahan natin ito. Very common, very common attack, lalo na kung kunyari, it happens in the normal course of doing business.

So if there's a person na nakakatanggap ng email sa taong to, and then suddenly may lumusot na email na kunyari galing sa taong na yan, you would not think twice pagbukas ng attachment, parang walang nangyari, pero yun pala na buksan niya.

Usually, naboblock yun ang antivirus kasi the programs are trained to spot yung mga ganyan. Pero if it's an expired antivirus, it's possible na may makakalusot yan kasi ang antivirus kasi ano ba talaga yung nag-expire dyan?

May mag-expire dyan yung listahan of known malware and viruses. Kung hindi updated yun, may bagong version na lumusot, that's where it could have started.

And again, hindi pa fully known kung at least in my end, I haven't seen the actual data file kasi alaki eh. I think at least 800GB ata.

Nag-invictima ng red tape yung ano.

Sorry I'm a bit angry about this kasi data natin yan. Lahat tayo mandatory contribution sa PhilHealth and you trust na we can get more into the details later. Yung number mo nandoon, email mo nandoon. Tapos makakompromise yun.

So as far as ano, ano ba yung mga na-compromise sa data natin?

Okay may conflicting reports. Gumitin muna natin yung third party reports kasi yung unang turing, wala. Kasi may common phrase na ginagamit si PhilHealth, just paraphrasing their statement.

The member database is intact or was not infected. And then towards the later part, lalo na nung lumabas na yung link, may mga kasi based on what I'm reading, the ICT is investigating it already.

Meron ng lumabas ng employee data. And then later on, the most recent news, some member data and employee data. So palaki ng palaki. So di ba natin alam fully baka by the time matapos yung investigation, baka there's more to it than that.

Sorry Dokka. Ang dating sa akin yan, kung nagbabago yung lumalabas na information from PhilHealth, they don't know.

Or nag-evolve pa. I mean let's be fair. Kasi to be honest, di naman madaling i-handle yung data na ganyang kalaki.

Hindi nga. Pero kung sasabihin mo originally na wala naman na-expose na member database, nagsalita ka na tapos. Apparently, paano meron pala.

I'm going to go on the record here. Kasi there was a press conference recently, right before the deadline.

And I don't know bakit ganito yung patakbo. Basically, yung presidente ng PhilHealth mismo.

Tila bang hinamon pa yung mga hacker? Kasi tinanong sila, di ba kinababahala, ganyan. Sabi na, tingnan na lang natin. Malamang nagbabluff lang yan.

And ang sabi pa ng spokesperson or the president, kung merong lalabas dyan, fabricated yung data na yan. Di ba may mga ganong assumption.

So for me, maybe it's for PR or whatever, pero huwag ka muna magsalita until you see it. In the first place, meron ng clear and present risk.

You have to assume the worst case scenario palagi.

And for you, at saka yung mga hacker, hindi mo hinahamon yung mga ganyan tao. In the first place, nagawa na nga nilang mapasok yung system mo.

And now evidently, true pala siya. Then i-assume mo na bluff. Unless alam mo talaga na hindi.

Would've been better to say, actually, nacheck na namin. Di naman totoo. Pero it seemed very speculative at that time.

I think that was around 1 o'clock, right before. Kasi 3.20 lumabas yung airbox. 1 o'clock PM.

And then 3 o'clock lumabas. Ngayon, unti-unti na nag-trickle out yung mga reports.

And then, I've also been in touch with, may mga cyber investigators na rin tumingin.

Siyempre, mga people who would not be named. Kasi they're doing it out of para sa bayan.

Yung patikim, nagbigay ng patikim yung mga hackers before the deadline.

And it's just a list of files. The list was so big. Almost 50 or 60 MB. Yung listahan pa lang na yun.

Hindi pa yung actual files. And may mga mukhang sensitive talaga na data na nandun, according to that list.

Like what?

Mayroong list of senior citizens. May ganoon. May lumabas na ganoon.

Mayroong list of... Well, of course, may employee list.

Kaya hanapin mo lang yung mga keywords. Siyempre, until you see the actual file, you don't know what's there.

Pero if you take that list at face value, there might have been at least a few member data that could have been leaked.

Kaya, I mean, I'm assuming lang na the ICT and related parties using that information is going through the data.

And for me, ang immediate protocol dapat dyan, if it were me lang, kontakin nyo na agad kung sino man yung nandun.

Hindi mo na-compromise yung information mo and take the following precautions.

Actually, kahit ako, not even knowing what's in the database, nag-post na ako.

Guys, kung yung number mo in PhilHealth, ginagamit nyo for any other thing, palitan nyo na agad.

Just don't even entertain the possibility na ma-compromise yung identity mo.

Kasi nowadays, without us asking for it, naging personal identifier na natin yung cellphone natin.

Karamihan naman ng tao, isa lang naman yung phone na gamitin.

Ako, F3. Kasi talagang praning ako.

Pero yung iba, isa yung phone mo, yun din yung ginagamit mo sa Facebook, yun yung ginagamit mo sa whatever, Lazada, Angkas, probably, or online banking.

The moment malaman nyan ng isang hacker, mayroong tinatawag na attack na SIM swap.

Kunyari ikaw, nalaman ko yung number mo, Christian Esguerra.

Tapos meron akong copy ng mga ID mo which allegedly the Medusa people have based on that dataset.

Naglabas din kasi sila ng video.

Literal passport photos nandun.

So I have your ID, Christian. I have your number. Punta ako sa telco.

Hi, this is Christian Esguerra. I lost my SIM. Can I request for a replacement?

And again, maybe the pressure is now on the telcos.

How are they verifying the identity?

Usually, titignan lang nila, please provide an ID.

If you're not the person, authorization letter.

And then within 24 hours, you have your SIM.

Pag nakuha ko yung SIM mo, next step, email mo na.

Iri-reset ko na yung Gmail mo or whatever email you have.

Dali na mahuga, ahulaan yung email mo.

Christian.esguerra or whatever.

Various combinations. May mga normal combo na yan.

The moment may ma-reset akong email mo, wala na. That's it.

Probably, it's the same email you use for Facebook.

It's the same email you use for Lazada and everything else.

Wala na. Kuha ko na yung identity mo.

Kaya for me, yun yung immediate chain reaction.

Oh my gosh. Sabi ko, nandun yung mga cellphone numbers.

We have to tell people.

Hassle siya. Palitan yun na agad.

Pinakahassle yun yung bangko.

If your banks are like my banks, you have to go in person

to change them sa branch of account.

Hirap nun. Napakahassle.

Ano ba yun sa'yo?

Karamihan are the local banks.

UPI, BDO, Metrobank.

Yan ang normal protocol.

Basically, dun sa branch.

Eh kung napalitan na yung SIM card mo without your knowledge,

yung OTP mo pupunta na dun sa hacker.

I mean, think about it.

Kasi yun yung way mo of protecting your identity.

Yung multi-factor or two-factor authentication.

OTP, PIN.

Pupunta yan dapat sa phone mo.

Eh kung hindi mo na-control yung SIM mo kasi napalitan na siya.

Imagine mo, three steps yan.

You have to go to the telco and tell them,

Boy, yung nagpapalit ng SIM, hindi ako yun.

Oh, please provide verification. Ganyan, ganyan.

Tagal. May affidavit of loss pa yang nalalaman and all that.

You're really wide open if you entertain the possibility.

So ang dapat gawin,

Andami kasi member ng PhilHealth, diba?

So hindi ko nakakamali, more than 90% ng coverage yan, diba?

Yung pinagmamalaki yan.

So ang advice mo, just to be cautious.

On the safe side.

Huwag pa rin ng number.

If you think, oh nga, if you think yung number mo sa PhilHealth,

kasi may application form ng PhilHealth, katapat-katapat na data yan.

You fill that up, diba?

Baka nga hindi nyo naaalala kung ano yung pinilapan ninyo

kasi probably you applied for it when you started working, diba?

If it's the same number you're using for any other identity,

don't even think twice.

I-detach mo na.

At the very least, detach your number from your emails.

There was a big hack years ago.

Yung Yahoo hack.

Nangyari ito sa Facebook.

Parang nakakompromise yung database ng Yahoo.

And ang ginawa ng Yahoo, to be safe,

dinelete niya lahat ng compromised emails.

Nakakanala ko yan.

Dinelete nila, to be safe.

However, hindi naman na-delete sa Facebook yung mga email na yun.

Kanyari, ChristianEsguerraAtYahoo.com,

dinelete ni Yahoo yung email mo.

So your email does not exist.

Pero nakakalimutan ng mga tao na,

hey, yun yung email na ginamit ko pang bukas ng Facebook.

So that doesn't stop me, for example,

from creating a brand new ChristianEsguerraAtYahoo.com,

exactly the same email you had.

Since wala na siya sa system ng Yahoo,

gawa na akong bago.

And yun punta ako sa Facebook,

re-reset ko na yung password ko,

pupunta na siya dun sa Yahoo na yun.

And then that's it, I can take over.

Ang dami mga taong nabiktima dyan.

Identity theft, no?

That's just with the email.

Ngayon, nauso na yun two-factor or multi-factor authentication.

Di lang email, kailangan may telpon number.

It makes everyone a little safer.

Pero paano kung nakompromise yung number mo?

Ah, yun, hassle yun.

Pagpalitan mo ngayon lahat ng...

Nakakahilo eh, kaya ang dami nag-galit.

It's not political, it's just incompetence.

Kasi lahat tayo tinamaan.

Doesn't matter kung BBS ka, or BBM ka,

or kakamping ka, lahat tayo tinamaan.

So I feel na hindi dapat natin politika tong issue na to.

Talagang we have to hold people to account.

And protect ourselves, yung bottom line.

Defense muna tayo, defense.

Speaking of accountability eh,

nang gusto kong puntahan.

Hindi naman pwedeng ganon-ganon lang yan.

So ang criminal gagawa ng criminal.

Yan ang trabaho nila eh.

Pero yung PhilHealth bilang gobyerno,

dahil kinuha nila yung data natin, private information,

dapat protectahan nila.

So ano yung mga dapat gawin dito?

Dapat may managot, di ba?

So if your data was compromised...

Actually, ito yung magandang tanong eh.

Ano bang kaso yung ipa-file mo to begin with?

Kasi may criminal case, may civil case.

Number one, you have to prove na may breach.

Somehow, malalaman mo mo lang naman yun.

Pag biglang meron ang kumukontak sa'yo,

or somebody made an attempt.

So that's a breach.

Until then, or na-verify mo na nandun ka sa dataset.

Kaya nga, segue lang tayo saglit.

I feel that another thing that needs to happen

is kung sino man yung nag-i-investigate ang data na yan,

kailangan meron tayong facility to validate

if your name is on that list.

Merong website na haveibeenpwned.com

It's maintained by a private individual.

Ginagawa lang niyang public service

na ina-upload niya dun yung mga passwords

tsa mga names.

Naka-encrypt yun.

So you won't be able to get it.

Pero you can check,

is my name Dominic Ligot in that list?

Or is my password, yung mismo password mo,

mavalidate mo kung na-breach siya somewhere.

So that should certainly happen for this.

Kailangan may way tayo validating.

Di ba dapat gobyerno gumawa nun?

Correct.

They're the most equipped.

And they're the ones who can do it legally.

Remember, a private citizen should not have access to that data

kahit na naka-open siya.

Nothing's stopping anyone.

So, dapat may helpline na paano kung na-compromise ako.

Anong mangyayari?

So if, let's say, proven na may breach or worse,

hopefully hindi nangyari,

meron nang nangyaring financial loss,

may gumamit ng credit card mo or whatever,

according to the NPC, you can sue.

Kasi under the data privacy app,

yung data controller, whoever has possession of your data,

is liable for breaches.

Who's the data controller here?

Field Health is the data controller.

Yun lang. I mean, just keep it simple.

Pero sobrang hassle na yan. Sobrang hassle yan.

Tsaka mag-astos. Mag-ahir ka ng lawyer.

Parang paramihan sa atin, public attorney ang habol mo.

Haba ng pila doon.

So, nakapanghina kasi you feel so helpless.

Ito may tanong sa'yo, Dok.

Basically, nasagot mo na ito.

How do you know if your account is compromised?

So, dapat may maglabas.

Basically, dapat gobyerno.

Yung inquiry, whatever you call it,

validation portal, siguro.

Dapat labas agad yun.

Para macheck mo agad.

Kasi malay mo, wala ka pala doon.

At least, you can feel a little safe.

Pero, yun na nga.

If you don't want to take second chances,

palitan mo na agad.

And then, secondly, if you're there,

what do you do?

Kailangan naka-outline na yung steps.

This is how you protect yourself.

Parang right na. Wala kang mahanap na gano'n.

May nagpasalamat nga sa akin the other day,

na, muna na lang, Dok,

nag-post ka dito sa social media.

Otherwise, di ko alam yung gagawin ko.

I mean, to be honest, most of us don't really...

Yung nga, eh.

Actually, nalama ko extent ito

because of your posts sa Twitter.

Ayokong gamitin yung ex.

Hindi ako makarelate doon sa

ex social media platform.

Ibang episode yun,

pag-usapan natin yung Twitter ngayon.

Kung hindi ka nag-post niya,

hindi ko malaintindihan yung extent

nitong hacking sa PhilHealth.

And you were actually doing

a lot of public service with that.

E, sa gobyerno wala pang gano'n

initiative for us to know

yung mga PhilHealth members

kung talaga na-expose ba yung data natin?

I feel yung reaction time lang.

I think eventually,

malamang lalabas din.

Pero, ah, tumakdunin ka ba yun?

Diyan na yung...

I mean, in the first place,

again, I'm just talking out of my, ano,

parang ano, my own sentiment.

Bakit umabot doon?

At bakit parang hindi seneryoso?

Lumabas pa to,

Second wind.

Si...

Si...

Sino ba yung taga Manila Bulitin?

Si...

Si Art Samaniego posted it

4 days before the deadline.

Ito na. May countdown pa nga siyang pinakita.

The website has a countdown.

Parang way of raising the alarm bell.

Pero I feel na

either it was not taken seriously

or baka people thought

wala naman ng unyang laman.

Alala nga yan.

May tanong sa'yo sa Pinky.

Is it safe to do an online check

of one's PhilHealth account at this time?

Ah, yes.

Automatic dapat yan.

Unfortunately, again,

ba... bad day lang yun,

you might not even be able to access it right now.

Kasi ang ginawa ng PhilHealth,

hindi naman din nila yung system nila

in reaction to the...

to the hack.

Pipila kayo ngayon

sa PhilHealth office nearest you to check.

Or at the very least,

i-validate nyo ano ba yung data ninyo

na nasa PhilHealth.

That should be top of mind.

Actually, it applies to any government service.

Kasi nowadays,

sinihingi na yung ID,

telephone number, email,

in practically every application you make,

whether it's PhilHealth,

SSS, Pag-IB,

driver's license.

And then, di ba,

sa DICT, there's a move to put all of that

into one super app.

Again, I'm not politicizing it,

pero the moment everything is in one database

at na-compromise yung database na yan,

wala na. That's it.

And then,

kung mag-uusapan yung national ID,

that's another cat of worms, no?

Pero ganoon.

For convenience kasi yan,

you're putting everything in one place.

Pero ang trade-off mo sa convenience

is security.

Kasi na moment makompromise yung isa,

wala, tatamaan lahat.

Ayun nga eh.

Masagi, marami tayong pag-uusapan in the future, no?

Marami tayong dapat himayin.

Pero dito sa pagtatapos,

ano yung mga dapat gawin ng PhilHealth?

Or ibang mga government agencies,

mga kumpanya,

to be able to

be more resistant naman sa mga ganitong ransomware attacks

in the future?

Okay, sige.

Three points.

Number one,

defense.

Immediate...

Well, okay.

There was another article that came out,

yung nakasama rin natin sa show si Carlos Nazareno.

Ang riniklama naman niya is,

bakit Gmail yung ginagamit ng government?

Maramang kwento yan, no?

But ano ba yung problema kung Gmail?

Kasi kung Gmail naman ng legit PhilHealth person yun,

okay lang sana.

Ang problema, since it's not an official email,

ang daling gumawa ng fake na...

Kunyari, philhealth2023 at gmail.com.

Something like that.

Igawa kaya tayo ng philhealth2023-1 at gmail.com.

Ilabas mo yun.

Would a citizen be able to know the difference?

O di yun na, di ba?

So, there's a use for official emails.

That's number one.

Number two,

I just have to say it,

even up to now,

yung security ng mga government sites natin,

talagang...

I'm not just talking about PhilHealth.

Ang dami eh.

Local government, national government.

Number one, di nga nare-renew yung encryption yan from time to time.

Nage-expire yan.

Dapat automatic may hygiene yan.

And then, if yung news about that expired antivirus na report na,

I mean, that's basic.

Bakit dinadaan pa sa...

I mean, I don't know.

Kung ano man yung reason, procurement or not,

kasama sa hygiene yan, dapat hindi yan nagla-lapse.

Dapat hindi yan nage-expire.

Alright? Sige.

Yung discipline ng mga tao sa loob,

again, I can't speak for anyone there,

pero there's a reason why nagkaroon ng vulnerability dyan.

Di ba?

That means mayroong nagkamali dyan.

Whether it was that potential yung port naka-open

or may nag-click ng attachment

tapos wala ka pang antivirus.

So that means...

Actually, I don't know if that's discipline

and education din.

Malamang education.

We need to do a media literacy,

cyber security literacy.

Si National Privacy Commission,

they do that eh, often eh.

The ICT also does that.

I guess kulang lang talaga

kasi kung alam sana ng mga tao yan.

I mean, little things like how do you know

kung mukhang pini-phish yung account mo?

Di ba? Mga ganyan.

Minsan hindi second nature.

Every time na lang may sumasabog

kung ano man leaks,

sakalang tayo nag-aalala

pero after that, wala.

It's gonna die down.

So yun yung top three.

And then, ah, maybe close fourth.

What do you do if something happens?

I don't see it posted anywhere

or kailangan ko pang hanapin.

Kailangan second nature.

Parang yung hotline ng bumbero,

di ba? Kung may maamoy kang sunog,

alam mo na agad,

fire station, call agad.

Dapat may ganyan din tayong attitude sa cyber.

You know who the people you can call,

na identity theft ka.

Kasi ngayon, I bet you,

talangin mo mga viewers natin,

anong gagawin mo kung na-compromise yung account mo?

Ayawin ko, NBI ba yan? PNP ba yan?

NPC ba yan?

And ngayon, lahat yung...

Ako, ako yung may message ko,

si Doc Rigot.

Oo, ipo-post ko na lang.

Pero I mean...

Seryoso?

I do my best.

Pero syempre,

dapat may official tayong...

And I know a number of people in government

that they're trying their best.

But I feel like we just need to do better.

Ah, kasi...

Eto, hindi naman akong nagsabi nito.

We're the number two.

Buti nga akong number two eh.

Target for cyber attacks.

According to a security firm.

Bakit tayo tina-target?

Kasi ang dali nating i-target, no?

Maraming vulnerability.

At saka hindi biro yung mga $300,000 na bounty na yan.

Hindi na maliit na pera yan.

So that means,

kung ikaw si Medusa,

alam mo na pwede mong makuha yung pera na yan.

Unfortunately, hindi kinol...

I think, hindi naman kinol yung kanilang ransom.

Pero as a result,

kumakalat na ngayon yung data na yan.

Mali ba natin kung sino yung na-download niya.

Yan. I mean, those are my sentiments.

Ay nako, grabe.

Nakakaanak.

Mabigat sa pakaramdam na itong interview natin, ah.

Nakakainis lang.

Kasi parang siyang...

Okay sana kung talagang may nanadja

and despite your best effort,

somehow, na-penetrate lahat ng defense.

Ito yung kaso na ito,

parang negligence ang dating eh.

It is negligence actually.

And ito pa yung malala.

If you can't trust the government,

who can you trust?

Yan yung problema diba?

Kaya ka nga,

willingly nagbibigyan ng data mo sa field health

and all these other entities.

Kasi alam mo,

sana na pinaprotectahan nila.

Kasi public service yan.

Paano na ngayon?

You know?

Nababasa ko sa comments nga eh.

Parang yung mga iba,

kayo na mag-contribute sa field health.

Eh, benefit mo yan eh.

Diba?

Sa employment mo,

kasama yan sa benefits mo eh.

Yung problema,

naging liability pa yung benefit mo.

Again, it's...

Yeah, I'm sorry to be so negative about it.

Kasi kahit ako,

nag-alala ako eh.

Tapos yung mga senior citizen,

assuming they were exposed,

hindi naman mga tech savvy yung mga yan.

Diba?

Maka iba pa,

hindi na makita-kita yung...

Hindi na naman mabasa yung apps nila.

Kawawa naman si lolot-lola.

Tatamaan sila nyo.

But maraming maraming salamat sa iyo Doc Ligot

for explaining all these things patiently sa atin.

Maraming maraming salamat sa iyo.

And thank you.

I think I speak on behalf of our viewers

in expressing our gratitude sa iyo.

Because of the help,

the assistance that you've been extending

to the public.

Di mo naman siya trabaho,

pero kinagawa mo.

Maraming maraming salamat sa iyo

for joining us tonight.

Thank you, thank you.

Yeah, last request lang.

Parang for now,

let's not politicize it.

Let's play good defense.

And then later sana may managot.

Yan lang yung hope ko.

Sana nga.

Okay, si Mr. Dominic Ligot.

Nakausap po natin,

cyber security expert.

Thank you.

Magandang gabi sa iyo Doc.

Good evening.

Ayan, si Doc Ligot.

Nakausap natin ngayong gabi.

Bigat.

Pinag-usapan natin.

Sana may managot.

Pero sana maayos na tong problema nito

kung maayos pa.

Okay.

Nga pala.

Pasensya na kayo dun sa...

Di ba nag-restock tayo ng merch natin?

Yung mga shirts and mugs?

Gulot ako ah.

Ito walang joke ah.

Di ba in-announce natin kailangan makahapon?

Pasensya na po.

Na sold out in 2 hours.

Pasensya na po.

Dun sa mga hindi nakahabol.

Pero sinisikap po natin

mag-restock uli.

Ma-replenish yung supplies.

Very very soon.

Maraming maraming salamat po sa inyo.

Pero yun po yung nangyari.

Ayan, dun po sa mga naka-access, naka-bili.

Well...

Kung magpo-post po kayo about it, just tag me.

Para ma-share din po natin sa ating mga social media accounts.

Isa po sa mga...

Umabot si...

Attorney Romulo Macalintal.

Yung sikat na election lawyer.

So...

Meron siyang shirts and mugs.

Maraming maraming salamat po.

Tsaka sa inyo po lahat.

Tapos shout out po.

Ito kasi may nag-message po sa akin.

Matagal lang po natin tong viewer.

Ayaw niyang basahin ko yung buong message niya.

Kasi...

Nakakahiya daw.

Pero natatempo akong basahin eh.

O sige, hindi ko babasahin ng buo.

Siya po si Angeles from San Jose, California.

Gusto ko tayo shout out eh.

Maraming salamat po for always watching.

For supporting our program.

Our advocacies.

So meron siyang pinapa-shout out, pinapabate.

Ang pangalan si Rico Sico.

Rico, maraming maraming salamat sa'yo.

Shout out.

Sabi ni Angeles...

Ayun.

Magkaibigan kayo.

At matagal lang gustong magpa-shout out.

Masugid mo rin siyang tagapakinig.

Kung hindi man siya nakakapanood ng live after work.

Hala, hindi pwedeng ma-miss ang program mo.

Wow, grabe.

Rico, maraming maraming salamat sa'yo.

At siya kay Angles.

Thank you, thank you very much po sa inyong lahat.

And then kay Miss Divine Villafuerte,

pa-shout out sa kaibigan ko na si Noni Llamido,

na nanonood ng Facts Verse.

Ayan.

Si Divine daw yung nag-introduce itong Facts Verse

kay Miss Noni.

So maraming maraming salamat sa inyo.

Ayun.

Sige, maraming salamat sa inyo.

Pagkita kita po tayo bukas.

So meron po tayo pag-uusapan na issue tomorrow.

Inga po, yung latest facts statics video na kung gusto mag-contribute.

Ano ba yung sa tingin nyo dapat gawin yan sa confidential funds na yan?

Dapat ba ilimit yung mga government agencies na dapat bibigyan yan?

Kung ano po yung sentimiento nyo.

Padala nyo po yung video nyo.

I-send nyo po sa aking Facebook account.

Up to 1 minute po yung video.

And then again, dapat meron tayong mga standards na sinusunod.

Bawal magmura, maging personal, walang character assassination.

Just stick to the issues. Okay?

So maraming maraming salamat po sa inyo lahat.

Ako po si Christian Esguerra.

And again, sa Team Replay, maraming salamat.

Alam ko pinapanood at pinapakinggan nyo itong ating programa on a delayed basis.

Maraming maraming salamat din po sa inyo.

Magandang gabi po.

Magandang gabi po.