Cyber Incident Victim: Armed Forces of the Philippines
Date:
Dec 2016
Location:
Philippines
Summary
The Philippine Military's official website was compromised and defaced by a hacker using the alias Shin0bi H4x0r, who replaced the homepage with taunting messages criticizing the site's inadequate security measures. The attacker claimed the breach was a test of skills and warned administrators to improve defenses, though no data theft or systemic compromise was explicitly reported. The defacement disrupted public access to the military's news and informational resources, highlighting vulnerabilities in a high-profile government platform. This incident followed a pattern of similar cyberattacks against Philippine government entities, including previous breaches of police, senatorial, and election commission systems.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On December 30, 2016, the official Philippine Military website (army.mil.ph) was compromised and defaced by an individual using the alias Shin0bi H4x0r. Visitors to the site encountered a replacement page displaying messages taunting the website administrators for inadequate security measures. The hacker claimed initial intent to target the US Army website but redirected efforts to the Philippine Military platform, stating, "Oh well, wrong target. I hacked Philippines Military and Army." The defacement included declarations such as "Security is just an illusion" and "Fix your security or I will be back," framed as a "friendly defacement" while asserting hacking as a form of artistic expression. Mirror links documenting the defacement were publicly shared as proof of compromise. The targeted website primarily hosted news updates, press releases, military activity photos, and informational content for public access, though the specific technical vulnerability exploited remained unidentified in available reports.
The incident disrupted standard access to the military’s public information services and underscored persistent cybersecurity challenges facing Philippine government entities. Historical context revealed prior compromises of high-profile Philippine targets, including the National Police website, a senator’s office portal, and the National Telecommunications Commission site—often attributed to Anonymous-affiliated actors. A notably severe precedent occurred in 2016 when attackers breached the Philippines Election Commission (COMELEC), exposing personal data of 55 million registered voters ahead of national elections, though authorities arrested one alleged perpetrator shortly after that breach. No arrests, remediation efforts, or formal responses from Philippine Military officials regarding the December 2016 defacement were documented in the source material. The event contributed to ongoing concerns about governmental digital infrastructure resilience against relatively unsophisticated attacks despite the symbolic significance of military assets as high-value targets.