After waiting for months, the Computer Emergency Response Team (CERT-PH) under the Department of Information and Communications Technology gave us a copy of its initial findings confirming that the source of the cyberattacks on our websites originated from an IP assigned to the Philippine Army.

In its report dated August 11, 2021, CERT-PH initiated the analysis and investigation on the alleged unauthorized scan on the websites. Here are the relevant portions of the report:

“CERT-PH called DOST [Department of Science and Technology] ,and confirmed the IP was assigned to the Philippine Army. This IP was also seen in the provided log file by bulatlat/altermidya which is  202.90.137[.].42.”

“CERT-PH noted the 2182 lines of logs with destination bulatlat.com from the IP 202.90.137[.].42 which was submitted by the investigation requester.

An additional analysis did not prosper due to non-established coordination with the organization currently using the said IP.”

CERT-PH validated what we already know from the forensic investigation by our hosting provider, Sweden-based Qurium Media Foundation. When we published Qurium’s findings in June, the Armed Forces of the Philippines feigned ignorance, and issued a statement claiming that the institution upholds press freedom.

At that time, the DOST, which provides the infrastructure to the Philippine Army, would not reveal the agency behind the IP space. In response to our letter requesting for a formal investigation, the DOST said it has asked the DICT to conduct an independent probe, and assured us that the DOST will never infringe upon any right, including the right to press freedom.

As of today, we have not received any communication from the DOST regarding its investigation, which we requested a copy of. We tried reaching out to them via office phone and email, but we have yet to receive a response.

We condemn the Philippine Army for carrying out cyber crimes against independent media outfits. We take offense at the duplicity they have shown regarding this incident – publicly professing respect for press freedom but launching vicious digital attacks, and never cooperating with other government agencies.

We are at the very least disappointed with the DOST for covering up for the Philippine Army. DOST should not allow its infrastructure be used to suppress the truth, and should impose penalties for agencies found to commit abuses.

We thank the CERT-PH for doing its mandate, and for providing us a copy of the report. Although the report is marked TLP: AMBER, which means the information should be restricted to the parties involved, we deem it necessary to publish the findings. There is no reason to keep it confidential especially if state agents used public funds and resources to infringe upon our right to publish and the people’s right to information.

In the light of another forensic investigation made by Quirum on the cyberattacks on the website of Karapatan, we call on all press freedom advocates and truth seekers to join us in demanding accountability over the cyberattacks.

Stop the assault on press freedom.