DICT Chief Confirms Insider Threat: Hackers Allegedly Embedded Within the Agency
Manila, Philippines — DICT Secretary Henry Aguda confirmed this morning on DZRH’s Dos por Dos that hackers have infiltrated the Department of Information and Communications Technology (DICT) itself.
When asked directly by Ka Tunying whether there are individuals inside the DICT hacking fellow government agencies, Aguda responded with a confirmation. He revealed that the discovery came after he commissioned an independent internal audit, which uncovered the presence of rogue insiders harvesting the personal data of Filipinos.
The Cybercrime Investigation and Coordinating Center (CICC) is now conducting an investigation and preparing to file charges against those involved.
Ka Tunying also mentioned the name “Klammer” during the segment, though no further details were given. Klammer, is a current member of the greyhat group known as DeathNote Hackers who is known for several data breaches last year on government agencies and private institutions.
But the confirmation has triggered a strong response from former DICT Undersecretary for Cybersecurity Jeffrey Ian Dy, who defended the agency’s long-standing cybersecurity team against what he sees as unfair and sweeping accusations.
Reacting to the story posted by tech journalist, Art Samaniego, Dy said, “To insinuate that the group who has been in-large successfully defending government against hackers in the past three years, are themselves ‘saboteurs’ is not only a stretch, but outright unfair.”
Dy laid out several key points in defense of the Cybersecurity Bureau (CSB) and the National Computer Emergency Response Team:
Three key personnel—who were instrumental in discovering and mitigating attacks on major government agencies such as the Office of the President, Philippine Coast Guard, DENR, and PhilHealth—have either resigned or are considering stepping down. One was reportedly being recruited by the Presidential Management Staff (PMS).
The National Security Operations Center (NSOC) successfully blocked 2.4 million attempted cyberattacks, including at least eight advanced persistent threats (APTs) against Philippine government systems. Their threat intelligence reports are submitted monthly to various agencies and to the National Cybersecurity Inter-Agency Committee (NCIAC), chaired by the Executive Secretary.
Intelligence shared by DICT has directly led to arrests made by the NBI, BI, AFP, and PNP of individuals involved in hacking activities.
While Dy acknowledged the possibility of bad actors within any institution, he emphasized the success and dedication of the core cybersecurity teams, saying it’s disheartening to see them now being labeled as traitors.
Sila pa ngayon ang tatawagin nating traydor?! he asked, sharing how these individuals often worked long hours and even used their own money just to complete their duties during incident responses.
“This is not the way to motivate the very talented people who have been at the forefront of this shadowy war in cyberspace,” Dy added.
This issue serves as a wake-up call for everyone: insiders, even well-placed ones, can be threats. But blanket accusations can also demoralize those who’ve risked their careers to protect national interests.
Sources:
1. Samaniego, A. (2025, June 18). [Facebook status update]. Facebook. https://bit.ly/44cH5Z2
2. Facebook Post by Jeffrey Ian Dy (2025, June 18). [Facebook status update]. Facebook. http://bit.ly/44cH5Z2
