DND, On Top of the AFP-3rd Telco Deal

Let me start by saying, “If you are not willing to risk the unusual, you will have to settle for the ordinary.” This is according to Jim Rohn, a successful entrepreneur and motivational speaker.

THE REAL DEAL

There is so much fake news these days. The picture above is a screen grab from a Disaster Response Conference, but the caption says otherwise. The hullabaloo is about the Armed Forces of the Philippines (AFP) facing a backlash from the public for entering into a memorandum of agreement (MOA) with Dito Telecommunity Corp. (formerly Mislatel), the country’s third telco player, known to have a Chinese partner. With this premise, the media is placing the good Secretary of National Defense (SND) in a bad light by broadcasting and publishing that he was not aware of the deal.

As you can see above (already considered a public document, which I found on the internet), the final approval of the MOA rests on the signature of the SND. There are no exceptions!

During the drafting of that MOA, no representatives from DND were invited. The two negotiating parties finalized, signed and submitted the papers to DND. Upon receipt of the proposed MOA at the Department, it immediately underwent complete staff action: the Head Executive Assistant (HEA) at the Office of the Secretary (OSEC) forwarded the document to the Chief of Management Information Systems Service (MISS) for technical and security comments, and finally to the Chief of Legal Affairs Service (LAS) for his opinion – before the Secretary signs or refuses to sign the MOA!

SIGNAL CORPS

By the middle of last year, with SND’s permission and blessing, I was allowed to relinquish my position as his Chief of MISS and to leap-frog to a private corporation by joining 5GS and PT&T as its VP for Cybersecurity and Chief Information Security Officer (CISO), respectively; before becoming the Chairman of the Board of Kerberus Corporation, a cybersecurity company.

While Mislatel, SEAR Telecom and PT&T were still busy in their respective bidding aspirations to become the 3rd Telco, I was already talking with the AFP J6 and his staff (Deputy Chief of Staff for Communications, Electronics and Information Systems, or CEIS for short) as early as August 2018 before waiting for the result of the bidding award. My team was negotiating with the AFP to allow PT&T to co-locate their cell site towers inside AFP camps. I was accompanied by some consultants, the Chief Technology Officer (CTO) and Executive Vice President (EVP) from PT&T.

Just like General USec Eli Rio and Commodore ASec Vic Cejoco, both of DICT, and MGen CTO Boy Santiago of Dito, I am also a proud member of the Signal Corps. We are all well versed in the Smart and Globe agreements. As for me, I was the Assistant J6 (AJ6) from 2010 to 2012, when the AFP Wide Area Network (WAN) through the AFP Longlines and the Camp Aguinaldo Networks (CAGNET) was undergoing improvements and completion…

However, at the Office of J6 (OJ6), the civilian engineer in charge of CEIS contracts gave me a copy of the draft entered by Bell-Tel of San Miguel Corporation to copy. The Bell-Tel contract for co-location was never realized, as San Miguel decided to drop its plans and sold the frequencies it had to PLDT, which were contested in the bidding. Had PT&T won the bidding, the company could have quickly deployed and set up its nationwide plan. However, PT&T lost!

WHY INSIDE CAMP?

Why is the AFP allowing telcos to co-locate their towers inside camps? Isn’t this dangerous? Can the act compromise national security? Especially by letting the Chinese encroach not only on the West Philippine Sea (WPS) but also on our cyberspace? Anyway, the NPAs will not harm nor bomb their towers if ever they set up their towers away from the camps . . .

  • For the AFP, let me bring you back to the quotation from Jim Rohn. By letting telcos co-locate, the AFP will benefit a lot. There are no secret deals here that can enrich or corrupt anybody, because there is no money involved in the transaction, only exchanges of services. The camp will gain E1 Lines for voice and data, now to include video. This is the “unusual” that I am referring to in the saying, at par with the primary rate lines used in Europe, North America and Japan. If not, the AFP can settle for paying for an expensive one or go back to Morse code to communicate. The E1 Line is capable of video teleconferencing with higher headquarters. The concern now is cyber espionage: the Chinese can easily monitor the conversation! I’ll answer this issue later . . .
  • For the telcos, on the other hand, it all boils down to physical security! They can rest assured that they will operate continuously. They can feel safe and sleep well without worrying about terrorists bombing their towers, even if they do not succumb to paying revolutionary taxes to the NPAs. They do not need to hire security guards . . . There was a time when the bombing of communication towers was so rampant. Rumours were floating that Smart towers were spared from bombing because Smart was giving revolutionary taxes, and Globe towers were bombed from time to time because they refused to pay. However, according to my grapevine, Smart was not paying revolutionary taxes; instead, the company issued and gave away many cellphones with unlimited call and text to the CPP/NPA leadership. Smart indeed! The NPAs skipped destroying Smart towers. If they did, they would lose their communications link too. Some military intelligence officers know about this. So they exploited the situation by eavesdropping and plotting the locations of the enemies. Ever wondered what happened to Ka Rosal, the spokesman of the Melito Glor Command in Southern Tagalog . . .

THE AFP CYBER GROUP

When I was the AJ6, I served as co-chair of the AFP-USPACOM Command and Control Interoperability Board (CCIB) in 2010. I was surprised when a courier from the Joint United States Military Advisory Group (JUSMAG) paid me a visit and handed me a brown envelope with a “SECRET” marking. Anyway, this happened a long time ago and can be considered declassified. The envelope contained a list of email addresses of top brass, starting from the chief of staff down to his subordinate commanders, and included the compromised email exchanges. The hacking was state sponsored (I refuse to name the country). From that day, AFP-USPACOM sent selected confidential messages through couriers, and that’s one of the communication interoperability we accomplished! haha Cybersecurity was not a hot issue then . . . and the AFP did not yet have an organization looking into cyber hacking!

Today, we have the AFP Cyber Group. I was waiting for the correct answer in the news in addressing the entry of the 3rd Telco in the premises of AFP camps. Nobody from the top, the Department of Information and Communications Technology (DICT) and the National Security Council (NSC), was able to speak about cybersecurity and operations centers. With cell sites inside camps, our soldiers can experience the unusual (LTE/5G) and not just be contented with the ordinary (EDGE/3G)!

SECURITY OPERATION CENTER (SOC)

The AFP Cyber Group is on top of the situation, under the able leadership of a very capable man. It is now setting up its Security Operation Center (SOC), with the 5 pillars of cybersecurity as guidelines: 1) Legal, 2) Technical, 3) Organization, 4) Capacity Building and 5) Cooperation.

I’ve seen the blueprint of the SOC, and 5GS/Kerberus Corporation is openly assisting. I do not know if the AFP already has its own encryption. Soon everything the AFP does in cyberspace will be encrypted. The SOC will consist of laboratories with virtual machines (VMs) and sandboxes to study malware and create homegrown cyber weapons. There will be classrooms with cyber ranges and holding quarters for the Computer Emergency Response Teams (CERTs); and of course the typical infrastructure, namely: firewalls, Intrusion Prevention/Detection Systems (IPS/IDS), breach detection solutions, probes, and a security information and event management (SIEM) system, with the capability of:

  • Log collection, processing, and archival.
  • Searching and reporting.
  • Real-time security monitoring.
  • End-to-end incident management and automated workflows.
  • Threat intelligence.
  • User and entity behavior analytics.

There will also be a lot of threat hunting. Technology should also be in place to collect data via data flows, telemetry, packet capture, syslog, and other methods so that data activity can be correlated and analyzed by SOC staff. The security operations center also monitors networks and endpoints (these include the towers inside the military camps) for vulnerabilities in order to protect sensitive data and comply with industry or government regulations.

To explain better, from Wikipedia, “A SOC is a facility that houses an information security team responsible for monitoring and analyzing an organization’s security posture on an ongoing basis. The SOC team’s goal is to detect, analyze, and respond to cybersecurity incidents using a combination of technology solutions and a strong set of processes. Security operations centers are typically staffed with security analysts and engineers as well as managers who oversee security operations. SOC staff work closely with organizational incident response teams to ensure security issues are addressed quickly upon discovery. It monitors and analyzes activity on networks, servers, endpoints, databases, applications, websites, and other systems, looking for anomalous activity that could be indicative of a security incident or compromise. The SOC is responsible for ensuring that potential security incidents are correctly identified, analyzed, defended, investigated, and reported.”

So why worry about letting Dito co-locate inside camps together with Smart and Globe? The AFP will have better internet connections through its wider and faster information highway run by different telcos, with redundancy! The AFP, through the Cyber Group, just needs to establish checkpoints to prevent illegal entry, espionage, crimes and hacking, similar to those in the real or static world!

If you want to see how a SOC operates 24/7, there is one at 5GS (https://5gs.com.ph/value-adds-for-our-clients/command-center/). It is being run and managed by BGen Pol Sumayo (Ret), a Signal Corps Officer and former commander of MIG-21, the technical surveillance unit of the Intelligence Service, AFP (ISAFP).

Likewise, the Cybersecurity Management System Project (CMSP) at DICT is also a SOC, with the same intention and purpose in mind.

Epilogue:

News report dated 18 October 2019…

3 thoughts on “DND, On Top of the AFP-3rd Telco Deal”

  1. I was surprised that indeed this so-called MOA between AFP and Dito Telecom is almost happening now? Will the SND sign it? Say what you want, but the threat with the Chinese engaging in our national security matters is real. Patriotism should always come first. This they know for sure. I hope our Armed Forces do the same. Not even to mention the name of that country who was able to hack the AFP’s email system, it’s probably a good guess that country is what we all think it was. There are events in history that we can learn from. Say, for example, a country’s imperialistic ideology never withers. It may only change its ways to pursue this.
    Anyways, our national leaders, especially our leaders in national security and defense, should have the greatest understanding of this and must not easily jump to very “enticing” deals that will only put our country in vain later on.
    China is not the only country who has the capability to help us in pursuing our goal. There are many who are able and willing to help us minus the obvious “other” reasons. It can be raised as an argument that this company is purely private and the Chinese government has nothing to do with it. Is it?
    I wonder how far this MOA is now in effect? Are the anticipated or ongoing projects of the CSG, CEISSAFP, ISAFP or even the DND being influenced by this mutual agreement? What was/were the reason/s why this article was even written and published? Will we be surprised later on that a SOC or similar project/s is/are already done deals and ready for implementation? It is not a secret that many of the government agencies carried out biddings but not “honest to goodness” biddings. If you know what I mean. Companies or corporations who have deep intention to influence the result will succumb to many ways, including but not limited to putting their own specifications into the terms of reference for every bidding document. And that is not even the primary concern for agencies under the DND or the AFP. Is the winning vendor’s or supplier’s only considerable goal to earn or to gain enough economic profit out of it without sacrificing its patriotic sensibility? Or is this vendor or supplier a true-blooded Filipino in the first place, in the truest sense of the word? That for them it is not only money that’s important but more the adherence to their promise and oath as a Filipino nationalist to this country.


    1. Thanks, Rudy, for your inputs. Have faith in your Signal corpsmen in high places today. Like you, they are also patriots! They know what they are doing and are well-organized now… In order for them to fight in cyberspace, it must be accessible to them whomever, wherever …


  2. BG POL SUMAYO AFP (Ret):

    Sir, my take on the Security Concerns of DITO towers inside military camps?
    The possibility of eavesdropping, interception, jamming? Yes, all these concerns are real, but it will require the installation of various comms equipment. These comms equipment can be installed in cell Towers, Telco IT and Data Centers or anywhere with high speed internet connections. This equipment can even be fitted in vehicles. Meaning electronic data collection activities can be done anywhere. So, all these considered, the likelihood of foreign technical intelligence collection units installing this equipment in the cell towers inside military camps, with strict security protocol in effect, is Very Low. Why? Because all their equipment will have to pass through strict security inspections, and they can perform eavesdropping, interception and jamming anywhere in the world. So, the question is, will they attempt to install that equipment inside a military camp with a very high likelihood of being exposed? Definitely NOT! Also, they can conduct surveillance even if they are in their home country. Therefore, the security risk of technical espionage inside our military camp is very very low. But the threat is real. The threat of technical espionage in the Philippines is real and there is no question about that. However, there are ways to counter or deny enemy electronic data collection efforts.

    As a matter of fact, even before DITO came into being, technical espionage has been going on since 2007. However, they are not using the telco towers. They are doing it somewhere else.

    What must be done by government?
    1. To establish intelligence exchange conferences with other countries’ intelligence agencies and exert effort to identify telecom equipment used, like network devices, switches, core switch, diameter, by China that is fitted with embedded firmware and backdoors. I am sure all that equipment is already identified.

    2. To encourage more telcos to operate in the Philippines. The more telco choices the more difficult it is to focus on a target.
    3. To strengthen the Technical Surveillance and Electronic Warfare capability, detection and Countermeasures of our security forces.

    4. Update cybersecurity, telecommunications, networking and other technology, IoT and AI related policies, in order to ensure Confidentiality, Integrity and Availability of Data at Rest, Data in Motion and Data in Use.

