Leveraging Open Source Intelligence for Critical Infrastructure Protection in the Philippines

Like any other country, the Philippines faces growing cybersecurity challenges in an increasingly interconnected world, particularly in protecting its critical infrastructure given its geopolitical situation, threatened by a cyber-strong China. As the country continues to digitalize and expand its technological capabilities, the importance of leveraging Open Source Intelligence (OSINT) for enhancing national security cannot be overstated. This short article explores how the Philippines can effectively utilize OSINT to safeguard its critical infrastructure, addressing current threats and preparing for future challenges.
I have been doing OSINT work and related services for organizations in the Philippines and the region for quite some time now. Having also spent the last 15 years in the Philippines, and considering my love for this country, this is a topic close to my heart.
The Current Cybersecurity Landscape in the Philippines
The Philippines has experienced a significant surge in cyber threats in recent years. According to Cloudflare, the country faced an average of five billion cyberattacks per day in the first quarter of 2024, marking a 28% increase from the previous quarter. This alarming statistic underscores the urgent need for robust cybersecurity measures, especially for critical infrastructure protection.
The vulnerability of the Philippines to cyber attacks is further exacerbated by several factors:
- Rapid digitalization without corresponding security measures
- Geopolitical tensions, particularly in the South China Sea
- Underdeveloped cybersecurity infrastructure
- Lack of widespread cybersecurity awareness
These factors combine to make the Philippines a prime target for cyber espionage and other malicious activities.
The Role of OSINT in Critical Infrastructure Protection
Open Source Intelligence (OSINT) refers to the collection and analysis of information from publicly available sources. In the context of critical infrastructure protection, OSINT can play a crucial role in identifying potential threats, vulnerabilities, and attack vectors before they can be exploited by malicious actors.
While there are OSINT efforts in many different government organizations in the Philippines today, it is my opinion that the lack of a centralized OSINT Unit for better coordination poses a problem.
To better understand why this would be so important, let’s first look at some of the benefits of OSINT:
Key Benefits of OSINT for Critical Infrastructure Protection:
- Early Threat Detection: OSINT tools can monitor various online platforms, including social media, forums, and the dark web, to identify early indicators of potential threats to critical infrastructure.
- Vulnerability Assessment: By analyzing publicly available information about infrastructure systems, OSINT can help identify potential weaknesses that could be exploited by attackers.
- Situational Awareness: Real-time monitoring of open-source data can provide valuable insights into ongoing or emerging threats, allowing for rapid response and mitigation.
- Cost-Effective Intelligence Gathering: OSINT leverages publicly available information, making it a cost-effective method for gathering intelligence compared to more traditional, classified intelligence methods.
Implementing OSINT for Critical Infrastructure Protection in the Philippines
To effectively leverage OSINT for critical infrastructure protection, the Philippines should consider the following strategies:
Establish a Dedicated OSINT Unit
The Philippine government should consider establishing a dedicated and centralized OSINT unit within its cybersecurity framework. This unit would be responsible for collecting, analyzing, and disseminating open-source intelligence related to critical infrastructure threats. The unit should work closely with other government agencies, including the different law enforcement agencies such as the Philippine National Police Anti-Cybercrime Group, the Department of Justice Office of Cybercrime, the Department of Information and Communications Technology (DICT), the AFP Cyber Group, the NBI Cybercrime Division, the Cybercrime Investigation and Coordinating Center, and the National Computer Emergency Response Team (NCERT). Other agencies would be crucial too; sorry if this is not a complete list.
Develop a Comprehensive OSINT Strategy
A well-defined OSINT strategy is crucial for effective critical infrastructure protection. This strategy should outline:
- Key objectives and priorities
- Target sources of information
- Analysis methodologies
- Dissemination protocols
- Ethical and legal considerations
The strategy should align with the broader National Cyber Security Plan 2023–2028, ensuring a cohesive approach to cybersecurity.
Invest in Advanced OSINT Tools and Technologies
To maximize the effectiveness of OSINT efforts, the Philippines should invest in state-of-the-art OSINT tools and technologies. These may include:
- Social media monitoring platforms
- Dark web intelligence tools
- Data visualization software
- Machine learning and AI-powered analytics tools
These technologies can help process and analyze vast amounts of data more efficiently, providing actionable intelligence promptly to the agencies who need it.
Foster Public-Private Partnerships
Collaboration between the government and private sector is essential for comprehensive critical infrastructure protection. The Philippines should encourage partnerships with:
- Telecommunications companies
- Internet service providers
- Cybersecurity firms
- Managed Security Service Providers (MSSPs)
- Academic institutions
These partnerships can facilitate information sharing, enhance threat intelligence, and improve overall resilience against cyber threats.
This is a very important yet entirely overlooked aspect in the Philippines: organisations or individuals who want to contribute to the cybersecurity well-being of the country are often ignored, or even attacked and labeled as suspicious.
Enhance OSINT Training and Capacity Building
To build a robust OSINT capability, the Philippines must invest in training and capacity building. This includes:
- Developing specialized OSINT training programs for cybersecurity professionals. This can be done either tailor-made for the local requirements or in partnership with global OSINT-focused organizations, of which there are many.
- Incorporating OSINT modules into existing cybersecurity curricula. The problem with this is that in Philippine universities cybersecurity is neglected, with no actual cybersecurity-focused curriculum worth mentioning at any of the local universities.
- Organizing workshops and seminars on OSINT techniques and best practices, the audience for which can be employees of the above-mentioned organizations as well.
- Encouraging participation in international OSINT conferences and forums.
By enhancing the skills of its cybersecurity workforce, the Philippines can better leverage OSINT for critical infrastructure protection.
Case Study: OSINT Application in the Electricity Sector
The electricity sector is a critical component of national infrastructure and a prime target for cyber attacks. A study by Keliris et al. demonstrates how OSINT can be employed to build comprehensive models of power systems, identifying vital components and potential vulnerabilities.
Given that there are many controversies around the power sector (e.g. the NGCP mess: the National Grid Corporation of the Philippines, which is de facto controlled by the Philippines' biggest enemy, China, and 40 percent owned by the Grid Corporation of China), the power sector is a very good case in point.
In the context of the Philippines, OSINT could be used to:
- Map the country’s power grid infrastructure using publicly available data
- Monitor social media and online forums for discussions about potential vulnerabilities in the power system
- Track cyber threats specifically targeting energy infrastructure in Southeast Asia
- Analyze open-source satellite imagery to assess the physical vulnerabilities of power plants and transmission lines
By applying these OSINT techniques, the Philippines can enhance its ability to protect its electricity infrastructure from both physical and cyber threats.
Challenges and Considerations
While OSINT offers significant benefits for critical infrastructure protection, there are some challenges and considerations that the Philippines must address:
Data Overload
The sheer volume of open-source data available can be overwhelming. The Philippines must develop effective strategies for filtering and prioritizing information to avoid analysis paralysis.
Misinformation and Disinformation
Not all open-source information is accurate or reliable. The Philippines must develop robust verification processes to distinguish between genuine intelligence and false or misleading information.
Legal and Ethical Considerations
The collection and use of open-source intelligence must comply with Philippine laws and respect individual privacy rights. A big consideration here will be Republic Act 10173, officially known as the Data Privacy Act of 2012 (DPA). Clear guidelines and oversight mechanisms should be established to ensure ethical OSINT practices.
Resource Constraints
Implementing such a comprehensive OSINT program requires significant resources, including skilled personnel and advanced technologies. The government must allocate adequate funding and resources to support OSINT initiatives.
Rapid Technological Changes
The landscape of open-source intelligence is constantly evolving with new technologies and platforms emerging regularly. The Philippines must stay abreast of these changes and adapt its OSINT strategies accordingly.
Future Outlook and Recommendations
As the country continues to develop its cybersecurity capabilities, and it is only at the beginning of doing so, the role of OSINT in critical infrastructure protection is likely to grow. To maximize the benefits of OSINT, I would give the following recommendations:
- Develop a National OSINT Framework: Create a comprehensive framework that outlines roles, responsibilities, and best practices for OSINT in critical infrastructure protection.
- Enhance Regional Cooperation: Collaborate with neighboring countries that face similar challenges and a common threat to peace in the region (China) to share OSINT best practices and threat intelligence related to critical infrastructure protection.
- Integrate OSINT with Other Intelligence Sources: Combine OSINT with other forms of intelligence gathering to create a more comprehensive threat assessment capability.
- Promote OSINT Awareness: Conduct awareness campaigns to educate stakeholders about the importance of OSINT in critical infrastructure protection.
- Establish an OSINT Center of Excellence: Create a dedicated facility for OSINT research, training, and innovation focused on critical infrastructure protection.
- Regular OSINT Exercises: Conduct regular exercises and simulations to test and improve OSINT capabilities in responding to critical infrastructure threats.
A few closing remarks
As the Philippines, like other countries in the region, faces an increasingly complex cyber threat landscape, leveraging Open Source Intelligence (OSINT) for critical infrastructure protection is no longer just an option — it’s a necessity. By implementing a comprehensive OSINT strategy, investing in advanced tools and technologies, fostering public-private partnerships, and addressing key challenges, the Philippines can significantly enhance its ability to protect its critical infrastructure from cyber threats.
Cooperation in the region, with countries like Singapore, Malaysia, and Thailand, will play a crucial role in being successful against major threats like China.
The journey towards effective OSINT utilization will require a large amount of dedication, effort, resources, and commitment from all stakeholders. However, the potential benefits in terms of improved national security, economic stability, and cyber resilience make this investment worthwhile. Let’s not kid ourselves: OSINT will undoubtedly play a crucial role in safeguarding the nation’s critical infrastructure and ensuring a secure and prosperous future for all Filipinos.

