Renato Paraiso, DICT Assistant Secretary for Legal Affairs, says at least 20 of the DOST’s systems were compromised in the April 3 attack, and at least two terabytes of data were compromised

MANILA, Philippines – The nature of the cyberattack that caused the defacement of at least three websites of the Department of Science and Technology (DOST) was consistent with a ransomware attack, though no ransom has been demanded so far, according to Renato Paraiso, Department Of Information and Communications Technology Assistant Secretary for Legal Affairs.

Speaking with reporters on Thursday, April 4, Paraiso said an investigation was ongoing regarding the extent of the cyberattack’s damage. He mentioned, however, that DOST personnel were apparently locked out of their systems, much like in a standard ransomware hack.

Paraiso added at least 20 of the DOST’s systems were compromised in the April 3 attack, and at least two terabytes of data, such as schematics and designs – including old or already-created designs of inventions held by the DOST – were compromised. Backups and redundancies were also compromised, though he did not elaborate on what was taken versus what was deleted.

The effects of the hack – both in the short- and long-term – have yet to be determined while they investigate, however, and Paraiso didn’t discount the possibility that the amount of data accessed could have been larger.

As of April 4, he said they’ve partially regained access to their systems.

Paraiso added that while the site defacements were a means of communication by the hackers, and that digital footprints were consistent with local threat actors, they have not made any demands other than posting political statements on some affected DOST sites.

Earlier on April 3, according to a Manila Bulletin report, sources at the Department of Information and Communications Technology had said the hackers also deleted 25 terabytes of data. – Rappler.com