Cyber Incident Victim: Bureau of Customs
Date:
Aug 2015
Location:
Philippines
Summary
The Bureau of Customs experienced a distributed denial-of-service (DDoS) attack by hacker collectives including Pinoy LulzSec, Elite Cyber Security, and MCA and PHU DDOS Squad under the operation #OpCustoms, causing intermittent website outages and degraded performance. The attackers cited solidarity with Overseas Filipino Workers protesting stringent inspections of balikbayan boxes, criticizing the agency for prioritizing minor shipments over large-scale smuggling operations. Their public statement denounced perceived corruption and policy inconsistencies while demanding accountability from leadership.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 3 actors | Available to members | Available to members |
Description
In August 2015, the Philippines' Bureau of Customs experienced sustained cyberattacks targeting its official website (customs.gov.ph) in an operation dubbed #OpCustoms. Multiple hacker groups—including Pinoy LulzSec, Elite Cyber Security, MCA, and PHU DDOS Squad—collaborated to execute distributed denial-of-service (DDoS) attacks starting at least one day prior to August 23, 2015, with attacks continuing into the morning of that date. The attackers flooded the website with excessive pings and data packets, intermittently rendering it inaccessible or significantly slowing access for legitimate users. The operation was publicly framed as an act of solidarity with Overseas Filipino Workers (OFWs), who had expressed widespread opposition to new Bureau policies mandating rigorous physical inspections of Balikbayan boxes—care packages sent by OFWs to families in the Philippines. Hackers explicitly linked their actions to grievances over perceived inequitable enforcement, criticizing the Bureau for prioritizing scrutiny of OFW shipments while allegedly failing to intercept large-scale smuggling operations involving counterfeit rice from China and waste imports from Canada.
The attacks caused functional disruptions to the Bureau’s website, with intermittent downtime and persistent performance degradation observed through the date of reporting. Attackers published a manifesto via online channels addressing Commissioner Alberto Lina and President Benigno Aquino III, condemning the Balikbayan box inspection policy as emblematic of systemic corruption and misaligned priorities under the administration’s "Tuwid na Daan" (Straight Path) governance agenda. No technical countermeasures or official responses from the Bureau were documented in available reporting at the time of the article’s publication. The website remained either partially inaccessible or slow to load as of August 23, 2015, with no indication of attack cessation. Hackers characterized their actions as a monitoring effort against perceived institutional failures, explicitly threatening continued scrutiny of the Bureau’s operations.