DICT confirms testing site hacked

Metro Manila (CNN Philippines, October 25) — The Department of Information and Communications Technology (DICT) on Tuesday confirmed its «sandbox» website has been hacked.

«One particular site on our website was infiltrated,» DICT Assistant Secretary and Spokesperson Aboy Paraiso told reporters in an online briefing.

«However, (this site) is where we test our VAPTs, Vulnerability Assessment and Penetration Testing. This is where we test our scanners,» he added.

A sandbox is an isolated environment wherein developers test possible malicious software without affecting the main host network.

In a message to CNN Philippines, DICT Undersecretary Jeffrey Dy said the obscure website had «pre-determined vulnerabilities.»

«It's not being used. It is a regular testing site that our developers and testers use so we can check vulnerability of systems,» he said.

The DICT official added that there are no sensitive data or personal information on the site that was hacked. He said they are investigating the incident and are taking necessary steps to ensure the security of its systems and data.

Paraiso also said they will be constantly upgrading not only the DICT website but also other systems of the government.

The development came on the heels of back-to-back cyberattacks on the Philippine Health Insurance Corporation, Philippine Statistics Authority, and other government agencies.

The DICT said it has completed its part in investigating the recent data breaches but continues to test and monitor the systems of the affected agencies.