DSWD-7 warns public over hacked Facebook page
A screenshot of DSWD-7’s Facebook page.
CEBU CITY, Philippines — The Department of Social Welfare and Development in Central Visayas (DSWD-7) is urging the public, especially the netizens, to be careful when visiting their official Facebook page.
In the announcement published by DSWD-7 on January 23, they assured that they had already taken the necessary actions over their hacked social media page.
READ: PCSO FB page not hacked—DICT
DSWD-7 maximing other social media platforms
“While waiting for the results of the actions taken by DSWD-7 regarding its hacked DSWD Region VII Facebook page, the agency is maximizing other social media platforms like X (formerly Twitter), Instagram, YouTube, and our DSWD FO7 Viber community for the publication and posting of news, feature stories, events, videos, and announcements,” DSWD wrote.
Leah Quintana, DSWD-7 information officer, also assured that they had already taken actions on their page.
Moreover, the agency encouraged the public to follow and subscribe to DSWD-7’s official website and other social media accounts beside Facebook for information and updates.
The hacked Facebook account of the agency featured shared posts of random videos, most of which were of animals and some were related to crafts.
READ: Website of House of Representatives attacked by hackers
PSA-7 hacked last month
As of this writing, DSWD-7’s Facebook page has over 524,000 followers with 258 following.
Last year in July, a similar hacking incident also affected the Facebook page of the Philippine Statistics Authority Region 7 (PSA-7).
In their hacked FB account, different profile pictures, mostly featuring women, were posted, and this caught the attention of the netizens especially in the third week of July.
READ: Philhealth temporarily shuts down systems after hackers attack website
Already under investigation of Cybercrime
Meanwhile, in an interview with Engineer Royden Rusiana, focal person for Cybersecurity of the Department of Information and and Communications Technology in Central Visayas (DICT-7), said that it had been reported to the Cybercrime Investigation and Coordinating Center (CICC).
Based on their initial investigation, he said ‘more or less’ it was an ‘insider attack.’
With this, the pointed some advices to those handling the pages of government agencies.
“Mostly, in government, ang naghandle sa mga pages kay rank job orders, anytime dili marenew for whatever reasons, makick out sa organization. Pero ang ilang accounts, nagpabilin. Delikado kaayo na siya. That is called an insider threat or attack,” Rusiana told CDN Digital.
(Mostly, in government, the ones handling the pages are rank job orders, and anytime their contracts are not renewed for whatever reasons, and they will be kicked out of the organization, but their accounts remain. That is very risky. That is called an insider threat or attack.)
READ: Philippine Cybersecurity: How the country beats digital threats
More measures to prevent being hacked
Moreover, he also advised to limit the number of admins who handle the page or ‘use the Principles of Least Privileges.’
“Hinaot dili tanan Administrator. Kon pwede Moderator lang (I hope that not all are administrators. If it can possibly be done, let them just be moderators),” he said. This would limit the people’s tasks and access to the page.
Another advise of Rusiana is to register the Facebook page.
“Dili lang kay himo-himo lang because wala siya’y identity. So, makontrahan siya sa mga tawo, Dali ra siya ipa ‘MASS REPORT.’ Ma deact[ivate] dayon siya kay wala man siya naregister,” he said.
(Not just one that is made up account because it would have no identity. So the people can easily counter it, it can quickly be prone to ‘Mass Report.’ It can easily be deativated because it was not registered.)
And the last advise of Rusiano is to review security the security of the Facebook page.
“All personnel handling the pages, must use two steps or multi factor authentication and carefully manage authorized devices sa ilang mga account para dili lain tawo ang mo authenticate (In their account so that not another person will authenticate it),” he said.
Disclaimer: The comments uploaded on this site do not necessarily represent or reflect the views of management and owner of Cebudailynews. We reserve the right to exclude comments that we deem to be inconsistent with our editorial standards.
