By GABRYELLE DUMALAG
MANILA — The Sweden-based digital forensic experts who have been mitigating cyber-attacks against independent news websites in the Philippines are now getting a share of it, following a series of penetration-testing attacks that began on Friday, July 2.
In a tweet, Qurium Media Foundation said the pen-test used the tool Nmap Scripting Engine and was traced to a timestamp in Manila, Philippines at 1 a.m. from an IP address belonging to a private tech firm, Converge ICT.
They received pen-test requests “from the same IP with the User Agent: Maltego One 188.8.131.5232 – Pro; Windows 10 10.0” a day later. Qurium said that it is the commercial version of Maltego, a software used for forensic investigations and to map the infrastructure resources.
A penetration-testing attack (pen-test) is a simulated cyber attack against a computer system to check for exploitable vulnerabilities.
The traffic came from the same IP address, but the attacker soon after changed the address to an IP belonging to the Department of Science and Technology.
Qurium, in its tweet, provided the history of digital certificates showing that the IPs are linked together.
“It seems that the promises of investigation are mere lip service. The pen-testing on Qurium’s website proves that the cyberattackers are undaunted, bolstering our belief that such actions are state-sanctioned and part of the systematic efforts in silencing and intimidating the Philippine media,” said Ronalyn Olea, managing editor of Bulatlat.
Earlier, Qurium traced cyber-attacks against websites of alternative news Bulatlat and AlterMidya, and human rights group Karapatan to the DOST and the Philippine Army.