(Image credit: Bulatlat.com)

MANILA, Philippines—The websites of two alternative media organizations in the Philippines have been under series of cyberattacks involving digital infrastructure linked to the state, particularly the military and the Department of Science and Technology (DOST), a Sweden-based digital forensics group revealed on Tuesday, June 22.

In a report, Qurium Media Foundation said several internet protocol (IP) addresses linked to the DOST and the military have launched a series of attacks in the past two months against the websites of media outfits Bulatlat (Bulatlat.com) and Altermidya (Altermidya.net), and human rights group Karapatan (Karapatan.org).

Qurium said that in an attack last May 18, a machine from the DOST network with IP address 202.90.137{.}42 launched a vulnerability scan against Bulatlat.com using a private IT firm’s infrastructure. A vulnerability scan is an automated, high-level test that creates an inventory of all known and potential weaknesses in a network. While it can be performed regularly in a system, such test is highly irregular without permission from the system owner.

The group also found that the said IP address’ certificate was registered to IP Solutions, Inc., a supplier of hardware and services to Philippine government agencies.

Another unit under the same IP address was registered to a certain “acepcionecjr@army.mil.ph Taguig Red Server.” The “army.mil.ph” is the official domain and website of the Philippine Army.

The IP address was also traced to an edit in the Wikipedia entry “Chief of the Army (Philippines)” last June 10, 2021, Qurium said.

The series of attacks also included “HTTP flood attacks”, a type of volumetric Distributed Denial of Service (DDoS) attack designed to overwhelm a targeted server with seemingly legitimate HTTP requests.

Despite the frequent attacks, Qurium has kept the websites up and accessible to the public.

Read full report by Qurium here: https://bit.ly/3gIzRo6