After hack, Cebu City to improve cybersecurity | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker


AFTER two hacking incidents, the Cebu City Council mandated the city’s Management Information and Computer Services (Mics) to strengthen the privacy and information security of government-affiliated websites and web pages.

Councilor Rey Gealon authored a resolution, passed last June 7, urging Mics to tap third-party technology companies to ensure that the web pages of the Office of Senior Citizens Affairs (Osca) and the Department of Social Welfare and Services (DSWS) are “rendered impenetrable.”

In an executive session on May 24, 2023, Conrado Ordesta III, assistant department head of the Management Information and Computer Services Department, reported the two incidents of hacking in the city’s official webpage and the DSWS Facebook page, which both happened in May 2023.

“We immediately did trace the cause of the problem and it was traced to an old user account. This is a content editor from a website, but this user was already removed from the city government. So maybe he shared that information with another person and created a web page,” Ordesta said.

He assured the council that no sensitive data were compromised after conducting a vulnerability assessment of the system.

Ordesta said it was “just vandalism” since the web page created only contained a defaced website.

Gealon also recounted how the DSWS Facebook account was hacked when images of lactating women were on the official page.

“Data security is crucial in the operations of government. How secured or robust its management or process is equated to how effective or efficient government runs,” Gealon said.

The resolution directs the Mics to coordinate with the Department of Information and Communications Technology (DICT) “for the massive and comprehensive usage, across all 27 departments and attached offices of the city government of the e-Gov system.”

Additionally, the Council urged Mics to conduct a software audit of all City Government computers and remove all proxy software, including online games and social media applications.

To further strengthen the security, the Council also resolved to have Mics engage a third-party security web engineer for “vulnerability assessment, penetration testing, monitoring, and digital security maintenance, including regular systems audit.”

All these are to secure and prevent data breaches, especially City Government files.

Gealon highlighted the importance of data security for government agencies and related functions.

“Safeguarding digital information to protect it from corruption, theft, or unauthorized access spells the difference, for example, between how you can give out financial assistance to qualified senior citizens and those unqualified whose names may be entered into the system by accessing the same surreptitiously,” Gealon said.

He added that the endeavor has to encompass all elements of data from hardware, software, storage, users, to even access and administrative controls. (EKV)

——————————————————–


Click Here For The Original Story From This Source.

National Cyber Security

FREE
VIEW