MANILA, Philippines — The National Intelligence Coordinating Agency (NICA) has uncovered 234 cybersecurity breaches across top-tier Philippine government agencies in 2025, raising urgent concerns over the country’s digital infrastructure and national security.
The revelation came during a Senate hearing on submersible drones and Chinese espionage, where NICA Deputy Director General Ashley Acedillo reported that the affected agencies remain unnamed due to their sensitive nature.
“These are high-level agencies. We won’t name them, but the breaches are recent,” Acedillo said.
Dark Web Exposure and Weak Cyber Defenses
Aside from the breaches, 32 agencies had sensitive information exposed on the dark web, while 91 sets of credentials—primarily passwords—were compromised.
Acedillo also flagged 266 digital assets linked to government systems that require enhanced protection. He noted that cyber defenses among some agencies remain underdeveloped, hindering effective response.
“Some agencies still lack mature cybersecurity operations,” he added.
Cyber Espionage and Insider Threats
Acedillo explained that once attackers gain initial access, stolen data is quickly relayed to command-and-control servers, often located in hostile states. He added that attacks often involve malware-enabled lateral movements within networks and could result in complete access denial for compromised agencies.
The NICA official also warned of “insider threats”, saying cyber actors prefer infiltrating through government insiders who can install malware or insert malicious devices.
“It’s more effective and easier for hackers if someone from the inside is co-opted,” Acedillo explained.
China-Linked Cyber Activities and the Need for Reform
From April 2024 to January 2025, NICA recorded 79 China-linked cyber operations targeting key agencies such as DICT, DFA, BIR, DOJ, DBM, and DOST, as well as private firms and educational institutions.
Examples of targeted entities include:
Globe Telecom
Primeworld Digital
University of the Philippines Los Baños
Davao del Norte State College
Acedillo stressed the need for a centralized cybersecurity agency, as the current setup lacks a lead agency solely focused on defending against digital threats.
Calls for Stronger Oversight and Security Clearance
To prevent insider threats, Acedillo cited Executive Order 608 and Memorandum Circular 78, which establish a national security clearance system. However, he admitted these policies are not universally applied across all agencies, leaving vulnerabilities unchecked.
He urged all government agencies to ensure personnel with access to sensitive systems are vetted through NICA’s clearance system to reduce security risks.