Armed Forces of the Philippines

The Armed Forces of the Philippines (AFP), also known as the Philippine Military or Sandatahang Lakas ng Pilipinas, serves as the national defense institution responsible for safeguarding Philippine sovereignty and territorial integrity. Operating under the Department of National Defense, it maintains land, air, and naval capabilities to address internal and external security threats across the archipelago. The organization has faced persistent cybersecurity challenges, with multiple documented incidents revealing vulnerabilities across its digital infrastructure. These breaches demonstrate sophisticated targeting by both criminal and state-aligned threat actors seeking military intelligence or disruptive capabilities, reflecting broader regional cyberespionage trends affecting government defense entities.

Cyberattacks against the AFP have involved diverse intrusion methods and threat actors over nearly a decade. In 2016, its public-facing website was defaced by a hacker criticizing security weaknesses, disrupting informational services. More advanced compromises include the 2020 Tropic Trooper campaign that used self-replicating USB malware to breach air-gapped networks through peripheral medical facilities, exfiltrating marine and defense intelligence. State-sponsored groups like Vietnam-linked OceanLotus targeted the AFP in 2017 as part of broader regional espionage against ASEAN entities, deploying webshells and credential-stealing mechanisms. The 2025 Exodus Security breach reportedly compromised thousands of sensitive personnel records, though authorities dispute the full impact. These incidents collectively illustrate systemic targeting of military networks through both opportunistic attacks and coordinated campaigns exploiting technical and human vulnerabilities, prompting ongoing investigations into foreign involvement and defensive modernization efforts.