Beneath the veneer of global APT attacks lies a complex crossfire of political enmity, perfidy and cyber greed. Manchurian candidates, anyone?

In the upcoming 2022 elections in the Philippines, the deadline for the filing of Certificates of Candidacy is in the first week of December.

One senator who has considered running for President, Sen. Richard Gordon, was asked in an interview if he thought China would interfere in the elections. He replied: “That’s what I’m afraid of. This is a world that has no more borders. Its defenses are down.”

Certainly, China’s activities in the Philippines’ Exclusive Economic Zone (EEZ) earlier in the year had resulted in numerous diplomatic protests. With China impinging on the EEZ, how far a step is it to continue meddling, via the next elections?

World champion of cyberattacks?

Last month, internet users in the region came across a rare, wide-scale advanced persistent threat (APT) campaign against users in South-east Asia, most notably Myanmar and the Philippines. The campaign was subsequently attributed by experts to the Chinese-speaking HoneyMyte threat group. Around 1,400 users were victimized, including government agencies.

In response, Senator Risa Hontiveros opined that China may employ cyber espionage tactics to hack its way into the 2022 Philippine polls.

Elsewhere, after alleging China hacked Microsoft, US President Joe Biden’s government had called China a country that hosts an “ecosystem of criminal contract hackers who carry out both state-sponsored activities and cybercrime for their own financial gain.”  In response, China’s authorities countered that such a statement is a “malicious smear” and that the state of Washington is “the world champion of malicious cyberattacks.”

A persistent territorial threat

Going back to the Philippines, why would China meddle in its elections? The answer is territory.

According to geopolitics expert Dr Renato de Castro, the Philippines is a key peg in Chinese President Xi Jinping’s intention to retake Taiwan as a Chinese province because the latter is separated only by a narrow channel from the Philippines’ Northern Luzon territory.

Further, Chinese ships have been highly visible in the West Philippine Sea, and many Filipinos are befuddled as to why President Rodrigo Duterte has not rallied international support to repel China. 

There has been talk of China backing ‘Manchurian candidates’ in the Philippine government. For those not familiar with the term originating from spy novels, it refers to a politician who would sell out his own country. 

Former foreign undersecretary of the Philippines Laura del Rosario had predicted: “There will be more than two Manchurian candidates, so whoever they field, we have to unite under one candidate.”

Disunity: an insider threat

Unity is exactly what the Philippines is lacking right now. The current Vice President and the President have never seen eye-to-eye, and public exchanges of contrasting views are constantly happening. Vice President Leni Robredo has denounced attacks on Philippine politics that were later traced to trolls from Xiamen, Guangzhou and Shanghai.

Robredo need not wonder what reason lies behind the troll farms. It leads back to the agenda of territory. At a recent at a United Nations Security Council Meeting, the two countries exchanged barbs over each other country’s political activities.

US Secretary of State Antony Blinken stated: “Conflict in the South China Sea, or in any ocean, would have serious global consequences for security, and for commerce.” That South China Sea overlaps not only with the Philippine Exclusive Economic Zone but also the zones of Vietnam, Malaysia, Brunei, and Indonesia.

China’s deputy UN Ambassador Dai Bing called the US “the biggest threat to peace and stability in the South China Sea” for provoking its wrath by sending military aircraft and vessels there.

As a certain Philippine song goes, “there’s a B-side to every story.”

We just hope that story does not end sadly for our country.

(Editor’s note: The takeaway lesson is that cybersecurity is very much tied to global political, social and economic motives seen and unseen: threat intelligence is key to forecasting, preempting and linking APT activities at not only municipal but also national levels.)