I. Chapter 1.

Problem and its Background

Introduction

Cyberterrorism is often defined as any premeditated, politically motivated

attack against information systems, programs and data that threatens violence or
results in violence. The definition is sometimes expanded to include any cyber-attack
that intimidates or generates fear in the target population. Attackers often do this by
damaging or disrupting critical infrastructure.

Various security organizations view cyberterrorism and the parties involved

differently. It is further defines as "premeditated, politically motivated attack against
information, computer systems, computer programs and data, which results in
violence against noncombatant targets by subnational groups or clandestine agents."

A cyberterrorist attack was different from a common virus or denial of service

(DoS) attack. A cyberterrorist attack is a type of cybercrime explicitly designed to
cause physical harm. However, there is no consensus among governments and the
information security community on what qualifies as an act of cyberterrorism.

Other organizations and experts have said that less harmful attacks can be
considered acts of cyberterrorism. When attacks are intended to be disruptive or to
further the attackers' political agenda, they can qualify as cyberterrorism, according
to these other groups. In some cases, the differentiation between cyberterrorism
attacks and ordinary cybercrime lies in the intention: The primary motivation for
cyberterrorism attacks is to disrupt or harm the victims, even if the attacks do not
result in physical harm or cause extreme financial harm.

In other cases, the differentiation is tied to the outcome of a cyber attack.

Many cybersecurity experts believe an incident should be considered cyberterrorism
if it results in physical harm or loss of life. This can be either direct or indirect harm
through damage to or disruption of critical infrastructure.

Background of the study

History of cyber terrorism, small wars Journal notes that the term “cyber
terror” was coined in the 1980s by Barry C. Collin, a research fellow at the Institute
for Security and Intelligence. Collin defined the term as “the convergence of
cybernetics and terrorism”; the goal of causing fear and widespread panic has
always been at the heart of cyber terror attacks.

The first computer worm transmitted over the internet was the Morris Worm,
created in 1988 by Robert Tappan Morris, a student at Cornell University, as the tech
site ARN explains. The worm was not intended to be malicious, but an error in its
code caused it to become a virus that replicated rapidly and ultimately infected about
6,000 computers. The Morris Worm is estimated to have caused as much as $100
million in damage.
 Terrorists soon took advantage of malicious software such as worms to
promote their political, social, and economic ends. These are among the earliest
events in the history of cyber terrorism:

Historical events of cyber terrorism in the Philippines

The Philippines continues to face the challenge of effectively addressing the

problem of illegal cyber activity and cybercrime victimization, a challenge it shares
among developing countries in South East Asia and in other parts of the world.

Most common among internet crimes are fraud, sexual abuse and
exploitation, bullying, and identity theft. The utilization of technology as it expands
and develops in various industries and sectors in the country is expected to increase,
due to the lack of necessary safeguards to prevent, and in some cases because of
the lack of understanding on the risks involved regarding its misuse.

The geography of the Philippines and its present socio-economic conditions

as it continuously works to strengthen political stability and national security is a
perfect condition in which different kinds of illicit cyber activities flourish. The
anonymity in the Internet, the legal and jurisdictional issues involved in technology-
facilitated crimes, and the vast victim and recruitment source and lure of easy
money, motivates a culture of cyber criminality which may later lead to more serious
organized criminal underground. The threat of transnational organized criminal
groups operating in the country poses a serious concern as it affects the economic
and political stability of the country.

This situation, however, is slowly changing as government and international

attention is increasing and the rate of cybercrime or cyber-attacks on industry and on
innocent citizens also begins to rise. Victims or concerned citizens are now surfacing
to report cybercrime incidents to the police.

The private industry particularly the major Internet Service Providers (ISPs),
has begun to collaborate on issues of cyber security and cybercrime prevention, but
much work remains to be done especially in the manner of preservation and
providing evidence stored in them.

The cyber-criminal underground in the country continually evolve into a

sophisticated transnational criminal activity and in some cases has links with terrorist
characters. The cyber offenders have become audacious due to challenges being
faced by government in their detection, apprehension and prosecution than their
counterparts elsewhere.

Theoretical Frameworks

Introducing a theory of cyber conflict centered on the concepts of restraint,

regionalism, espionage, and state-sponsored terrorism. Though one expects to find
that fears of retaliation dominate state thinking in cyber relations, states are not
prone to use the tactic for fear of the consequences or blowback from the action. The
chapter also suggests that regionalism dominates in cyber relations. Espionage is
expected in cyberspace because it is an easier forum for states to steal information
and documents from adversaries than traditional “boots on the ground” tactics. Less
powerful states will also utilize cyber espionage to project power on the status quo
states. Finally, cyber state terrorism is expected, but its impact will be minimal and
will not change relations between rival states. These theories defy conventional
wisdom but accurately explain the actual use of the tactics.

Concept of restraint - The principle of restraint therefore urges that the

criminal law should be used when identifiable forms of behavior cause serious harm
to the fabric of society and, conversely, that it should not be used when other
responses are available and might be effective. Based on this analysis, "outside-in"
approach to promoting cyber norms that would allow the Philippines to bypass
current international and National disagreements to encourage the development of
norms to constrain the most destructive and escalatory forms of cyber aggression.

Concept of regionalism - Regionalism refers to three distinct elements: a)

movements demanding territorial autonomy within unitary states; b) the organization
of the central state on a regional basis for the delivery of its policies including
regional development policies; c) political decentralization and regional autonomy. In
the Philippines, as technical and electronic landscapes change, there is a need to
enact laws or amend existing laws to fully address cyber threats.

Concept of espionage - Espionage is the crime of spying or secretly watching

a person, company, government, etc. for the purpose of gathering secret information
or detecting wrongdoing, and to transfer such information to another organization or
state. Cyber espionage is a form of cyber attack that steals classified, sensitive data
or intellectual property to gain an advantage over a competitive company or
government entity.

Concept of state-sponsored terrorism - State-sponsored terrorism is terrorist

violence carried out with the active support of national governments provided to
violent non-state actors. States can sponsor terrorist groups in several ways,
including but not limited to funding terrorist organizations, providing training,
supplying weapons, providing other logistical and intelligence assistance, and
hosting groups within their borders. Because of the pejorative nature of the word, the
identification of particular examples are often subject to political dispute and different
definitions of terrorism.

A wide variety of states in both developed and developing areas of the world
have engaged in sponsoring terrorism. During the 1970s and 1980s, state
sponsorship of terrorism was a frequent feature of international conflict. From that
time to the 2010s there was a steady pattern of decline in the prevalence and
magnitude of state support. Nevertheless, because of the increasing consequent
level of violence that it could potentially facilitate, it remains an issue of highly salient
international concern

Conceptual Framework
 Cybercrime is criminal activity that either targets or uses a computer, a
computer network or a networked device. Most cybercrime is committed by
cybercriminals or hackers who want to make money.

Uneasiness arises from the possibility of random cyber attacks. In the global
information and network warfare battle, cyber-terrorism has become a critical
concern in that terrorists may seek to strike the innocent and wreak havoc due to
dependency on networked communications. However, much misconception exists
over what exactly cyber-terrorism entails and the role of cyber crime and hacking. A
conceptual framework is therefore proposed and focuses on clarifying the field by
summarising techniques, objectives, targets and capabilities. The framework strives
to provide a more descriptive synopsis of cyber-terrorism and form a good baseline
to contextually place the area of cyber-terrorism against the backdrop of other
computer and network crime.

Cybersecurity is paramount for sustaining a technologically-sound model. The

disruption of electricity or the impairment of financial systems through interference
with ICT networks is a reality; these events constitute national security threats.
Malicious online agents are numerous, organized and of diverse persuasions:
political, criminal, terrorist, hacktivist. The tools at their disposal become more
sophisticated and complex over time and with experience; the growing number of
connected platforms only serves to offer new attack vectors. There is no going back
to simpler times. In embracing technological progress, cybersecurity must form an
integral and indivisible part of that process.

Statement of the Problem

Proposed Main Problem of the Study:

a. What is Cyber Terrorism?

b. What are the Legal issues of Cyber terrorism that must be considered in the
application of Law in the Philippines?

c. What is/are the methods in combatting Cyber Terrorism?

Sub-Problem of the Study:

a. How does the law regulates Cyber Terrorism?

b. Does the Law covering cyber terrorism violates the Constitutional for right to
provacy?

c. Can the establishment of a proper definition of cyber terrorism can be

use as a basis to prosecute cyber terrorism offenses?

e. What are the challenges in combatting Cyber terrorism in the Philippines?

f. What are the opportunities in combatting Cyber terrorism in the Philippines?

Significance of the Study

The intention of cyberterrorist groups is to cause mass chaos, disrupt critical

infrastructure, support political activism or hacktivism, or inflict physical damage and
even loss of life. Cyberterrorism actors use various methods.

Concern about the potential danger posed by cyberterrorism is thus well

founded. That does not mean, however, that all the fears that have been voiced in
the media, in Congress, and in other public forums are rational and reasonable.
Some fears are simply unjustified, while others are highly exaggerated. In addition,
the distinction between the potential and the actual damage inflicted by
cyberterrorists has too often been ignored, and the relatively benign activities of most
hackers have been conflated with the specter of pure cyberterrorism. This report
examines the reality of the cyberterrorism threat, present and future. It begins by
outlining why cyberterrorism angst has gripped so many people, defines what
qualifies as “cyberterrorism” and what does not, and charts cyberterrorism’s appeal
for terrorists. The report then looks at the evidence both for and against Western
society’s vulnerability to cyberattacks, drawing on a variety of recent studies and
publications to illustrate the kinds of fears that have been expressed and to assess
whether we need to be so concerned. The conclusion looks to the future and argues
that we must remain alert to real dangers while not becoming victims of overblown
fears.

Cybersecurity is important because it protects all categories of data from theft

and damage. This includes sensitive data, personally identifiable information (PII),
protected health information (PHI), personal information, intellectual property, data,
and governmental and industry information systems. Cyber Patrolling Inspection on
ISPs and their activities conducted by the law enforcement officials using search
engines, online browsing and other technical means. Cyber Police Patrol by Law
enforcement staff browsing the internet in order to detect and prevent cyber crime.
and cyber terrorist and to Learn more in: Cyber Security and Anti-Social Networking

Scope and Limitation

The media, politicians, academics, and practitioners have labeled numerous

incidents of cybercrime as a form of "cyberwar" or "cyberwarfare". Like other topics
discussed in this Module, there is no single, universal definition of cyberwarfare.
Cyberwarfare is used to describe cyber acts that compromise and disrupt critical
infrastructure systems, which amount to an armed attack (Maras, 2016). An armed
attack intentionally causes destructive effects (i.e., death and/or physical injury to
living beings and/or destruction of property). Only governments, organs of the state,
or state-directed or state-sponsored individuals or groups can engage in
cyberwarfare.
 Existing legal rules and norms on warfare have been applied to cyberwarfare.
Before engaging in cyberwarfare, jus ad bellum (i.e., the right to use force) needs to
be established. Here, the reasons for using any form of force must be legitimate and
sanctioned by law. One such justified reason is self-defense. Countries can engage
in the use of force for self-defence purposes pursuant to Article 51 of the UN Charter
of 1945, which holds that:

Charter shall impair the inherent right of individual or collective self-defense if

an armed attack occurs against a Member of the United Nations, until the Security
Council has taken measures necessary to maintain international peace and security.
Measures taken by Members in the exercise of this right of self-defense shall be
immediately reported to the Security Council and shall not in any way affect the
authority and responsibility of the Security Council under the present Charter to take
at any time such action as it deems necessary in order to maintain or restore
international peace and security.

When engaging in cyberwarfare, jus in bello (i.e., the right conduct during war)
is required. Here, the cyber acts that amount to a use of force must be: proportionate
(both to the threat that justified this response and in light of the potential collateral
damage); aimed at minimizing casualties through the adoption of certain
precautionary measures; discriminating in its targets (i.e., only the actual target
should be subjected to the cyber act); and used only as a last resort, after lesser
invasive means have been exhausted and/or ruled out as unfeasible options.

Definition of Terms

II. Review of Related Literature

Review of Local Limitations

Methods used for cyberterrorism

The intention of cyberterrorist groups is to cause mass chaos, disrupt critical
infrastructure, support political activism or hacktivism, or inflict physical damage and
even loss of life. Cyberterrorism actors use various methods. These include the
following types of attacks:

Advanced persistent threat (APT) attacks use sophisticated and concentrated

penetration methods to gain network access. Once inside the network, the attackers
stay undetected for a period of time with the intention of stealing data. Organizations
with high-value information, such as national defense, manufacturing and the
financial industry, are typical targets for APT attacks. Computer viruses, worms and
malware target IT control systems. They are used to attack utilities, transportation
systems, power grids, critical infrastructure and military systems.
 DoS attacks attempt to prevent legitimate users from accessing targeted
computer systems, devices or other computer network These attackers often go after
critical infrastructure and governments.

Hacking, or gaining unauthorized access, seeks to steal critical data from

institutions, governments and businesses.

Ransomware, a type of malware, holds data or information systems hostage

until the victim pays the ransom. Some ransomware attacks also exfiltrate data.
Phishing attacks attempt to collect information through a target's email, using that
information to access systems or steal the victim's identity.

Review of Foreign Limitations

Cyberterrorist acts are carried out using computer servers, other devices and
networks visible on the public internet. Secured government networks and other
restricted networks are often targets.

Physical harm is not always considered a prerequisite for classifying a cyber

attack as a terrorist event. The North Atlantic Treaty Organization, known as NATO,
has defined cyberterrorism as a cyber attack that uses or exploits computer or
communication networks to cause "sufficient destruction or disruption to generate
fear or to intimidate a society into an ideological goal."

Examples of cyberterrorism according to NATO include the following:

1. Disruption of major websites. The intent here is to create public inconvenience or

stop traffic to websites containing content the hackers disagree with.

2. Unauthorized access. Attackers often aim to disable or modify communications

that control military or other critical technology.
3. Disruption of critical infrastructure systems. Threat actors try to disable or disrupt
cities, cause a public health crisis, endanger public safety or cause massive panic
and fatalities. For example, cyberterrorists might target a water treatment plant,
cause a regional power outage or disrupt a pipeline, oil refinery or fracking operation.

4. Cyberespionage. Governments often carry out or sponsor cyberespionage

attacks. They aim to spy on rival nations and gather intelligence, such as troop
locations or military strategies
.
The threat of cyberterrorism is greater than ever. In 2021, the Center for Strategic
and International Studies (CSIS), a bipartisan, nonprofit policy research group,
identified 118 significant cyber attacks that either occurred during that time or were
acknowledged to have occurred earlier. Significant attacks, as the CSIS defines
them, include those that target government agencies, defense and high-tech
companies, as well as economic crimes with losses over $1 million.

III. Research Methodology

Research Design

Source Gathering Procedure

Primary Sources

Secondary Sources
Cybercrime is criminal activity that either targets or uses a computer, a computer
network or a networked device. Most cybercrime is committed by cybercriminals or
hackers who want to make money. However, occasionally cybercrime aims to
damage computers or networks for reasons other than profit. These could be political
or personal.

Cybercrime can be carried out by individuals or organizations. Some cybercriminals

are organized, use advanced techniques and are highly technically skilled. Others
are novice hackers.

What are the types of cybercrime?

Types of cybercrime include:

Email and internet fraud.

Identity fraud (where personal information is stolen and used).
Theft of financial or card payment data.
Theft and sale of corporate data.
Cyberextortion (demanding money to prevent a threatened attack).
Ransomware attacks (a type of cyberextortion).
Cryptojacking (where hackers mine cryptocurrency using resources they do not
own).
Cyberespionage (where hackers access government or company data).
Interfering with systems in a way that compromises a network.
Infringing copyright.
Illegal gambling.
Selling illegal items online.
Soliciting, producing, or possessing child pornography.
Cybercrime involves one or both of the following:

Criminal activity targeting computers using viruses and other types of malware.
Criminal activity using computers to commit other crime

Research Procedure

IV. Presentation of Result and Discussion

To address the legal frame works in combatting cyber terrorism, concerning

issues and to create a law to be more effective and fair tool in the fight against
terrorism using the cyber world. First and foremost, we must first discussed the
definition of terrorist offences, the design of practical and accountable legislation,
and determine challenges for fulfillment of the Philippines' obligations under the law.

To better understand why cyber terrorism acts are committed, this study
examines cyber terrorism from motivational perspectives. Motivational forces behind
cyber terrorism can be social, political, ideological, and economic. In this research, data
were analysed using a qualitative method. The outcome of this study serves as a useful
foundation for understanding the concept of cyber terrorism from motivational
perspectives.

The Philippines as been responding against any form of terrorist activity, has
no existing law covering Cyber terrorism, which applies to offences across borders;
therefore the proper response which has the potential to combat cyber terrorism
should be transnational. Countries must bind together with multilateral and bilateral
cooperation. In this section, the most effective organizational structures will be
considered as.aims to study the available international mechanisms for the purpose
of establishing cooperation in responding to cyber terrorism. The current
international cooperation and responses for cyber terrorism are reviewed and
analyzed. The responses of international organizations to cyber terrorism cases are
also considered

Cyber law encompasses three broad categories: Crimes against people

(harassment, stalking, pornography, identity theft) Crimes against property
(Distributed Denial of Service attacks, hacking, copyright infringement) Crimes
against the government (hacking, cyber terrorism)

Today, we see that traditional crime has migrated to the internet. The types of
crimes that people have been committing over the years, such as fraud and extortion
and crimes of a similar nature have just moved on to the internet. Therefore, where
people might have taken photos of you in a compromising position before and
extorted you, now they will steal your information and extort you by threatening to
release that information unless they are paid, or by destroying that information
unless they are paid.

Cyber-terrorism is a tempting proposition for a terrorist group, as they would

require less people and fewer resources. Moreover, it enables the terrorist to remain
unknown, since it is carried out far away from the actual location of the terrorist.
Cyber terrorists can set up anywhere and remain anonymous. It consists of physical
terrorism and cyber-terrorism. Cyber terrorists exploit technology via the internet to
implement their terrorist purposes. The idea of a “Digital World Trade Center Attack”,
possibly killing thousands and causing billions of dollars in damage, is very real.1 It
is a development of terrorist capabilities provided by new technologies and
networked organisations, which allow terrorists to conduct their operations with little
or no physical risks to themselves

Through practice Cyberterrorism operates and entails leveraging ICT

infrastructure in order to create real-life damage or critical disruption with the goal of
promoting the attackers' underlying political, religious or social issue. Terrorists may
force their intentions into the digital space in order to advance their agendas. This
fact actually is not surprising because computer and its function including internet as
introduction have been introduced since the young people in elementary school.
Other internet misuse can be found such as illegal contents, online fraud, and
identity theft.

According to National Research Council (2003), there are 3 (three) classes of

attack that addressed to internet, as
following:
1. Service disruption; it causes a loss of service and can result from disabling
of networks through a variety
of attacks such as denial of service (DoS) and destruction of information.
2. Theft of assets; it misuses critical information on a large enough scale to
have major impact.
3. Capture and control; it involves taking control of cyberspace and using
them as a weapon.

Those classes of attacks are then classified as cybercrime and also have
been modified in various modus. Those modus in fact threaten all human beings
activities including infrastructure. To handle and to prevent those crimes, cyber
security plays important role to guarantee people to use internet safely. The research
will briefly introduce the topic of information terror and cyber crime and then address
the definitional problems in delimiting the scope of computer crime and terrorism.
The jurisdictional issues relating both to the investigation and prosecution of crimes
that frequently involve a multitude of countries will then be addressed. Specific
attention will be addressed to the need in many cases to promptly back-hack,
electronically, through several countries in order to preserve evidence and identify
the perpetrator. The paper will then assess constitutional and statutory concerns,
which must be considered. Finally, the paper will address the necessity and
desirability of a new treaty in light of existing treaties and concurrent work being
done by the countries.

Cyber-attacks are impossible without necessary technology and a minimal

knowledge (at least by one person) of how electronic networks operate. Since more
than two billion people on Earth have access to the Internet, and hacking and
cracking manuals are available online, everyone
including self-taught individuals, groups, large non-state actors, corporations, and
states,52 at least in theory, can engage in cyber-attacks

Cyber warfare and cyber terrorism

Cyber warfare occurs when states or international organizations perpetrate
hostile acts against other states using cyberspace as a battleground. The acts are
committed using malware and other technologies to target the computer systems of
governments and businesses. Such attacks constitute an act of war because they
are acts of aggression by one state against another.

Cyber warfare and cyber terrorism are linked through their common goals: to
destabilize enemy states or compromise their physical and/or digital infrastructure.
Examples of cyber warfare include the 2010 Stuxnet worm that disabled Iran’s
nuclear infrastructure (believed to have been developed by the U.S. with Israeli
support), the 2015 breach of the U.S. Office of Personnel Management by China,
and Russia’s interference in the 2016 U.S. presidential election.

Other Laws in the Philippines Covering Cyber Terrorism

Republic Act 9372 An Act to secure the State and protect our people from Terrorism
known as the "Human Security Act of 2007."

Section 2. Terrorism - Any person who commits an act punishable under any of the
following provisions of the Revised Penal Code:

a. Article 122 (Piracy in General and Mutiny in the High Seas or in the Philippine
Waters) ;

b. Article 134 (Rebellion or Insurrection) ;

c. Article 134-a (Coup d' Etat) , including acts committed by private persons;

d. Article 248 (Murder) ;

e. Article 267 (Kidnapping and Serious Illegal Detention) ;

f. Article 324 (Crimes Involving Destruction) , or under

1. Presidential Decree No. 1613 (The Law on Arson) ;

2. Republic Act No. 6969 (Toxic Substances and Hazardous and Nuclear
Waste Control Act of 1990) ;

3. Republic Act No. 5207, (Atomic Energy Regulatory and Liability Act of
1968) ;

4. Republic Act No. 6235 (Anti-Hijacking Law) ;

5. Presidential Decree No. 532 (Anti-Piracy and Anti-Highway Robbery Law of

1974) ; and,

6. Presidential Decree No. 1866, as amended (Decree Codifying the Laws on

Illegal and Unlawful Possession, Manufacture, Dealing in, Acquisition or Disposition
of Firearms, Ammunitions or Explosives)

Republic Act 10175 An Act to prevent, prohibit and penalized Terrorism, thereby
repealing Republic Act 9372, otherwise known as the "Human Security Act of 2007"
Section 4. Terrorism.- Subject to Section 49 of this Act, terrorism is committed by
any person who, within or outside the Philippines, regardless of the stage of
execution:

(a) Engages in acts intended to cause death or serious bodily injury to any person, or
endangers a person's life;

(b) Engages in acts intended to cause extensive damage or destruction to a

government or public facility, public place or private property;

(c) Engages in acts intended to cause extensive interference with, damage or

destruction to critical infrastructure;

(d) Develops, manufactures, possesses, acquires, transports, supplies or uses

weapons, explosives or of biological, nuclear, radiological or chemical weapons; and

(e) Release of dangerous substances, or causing fire, floods or explosions.

When the purpose of such act, by its nature and context, is to intimidate the
general public or a segment thereof, create an atmosphere or spread a message of
fear, to provoke or influence by intimidation the government or any international
organization, or seriously destabilize or destroy the fundamental political, economic,
or social structures of the country, or create a public emergency or seriously
undermine public safety, shall be guilty of committing terrorism and shall suffer the
penalty of life imprisonment without the benefit of parole and the benefits of Republic
Act No. 10592, otherwise known as "An Act Amending Articles 29, 94, 97, 98 and 99
of Act No. 3815, as amended, otherwise known as the Revised Penal Code".
Provided, That, terrorism as defined in this section shall not include advocacy,
protest, dissent, stoppage of work, industrial or mass action, and other similar
exercises of civil and political rights, which are not intended to cause death or
serious physical harm to a person, to endanger a person's life, or to create a serious
risk to public safety.

Republic Act 10168 An Act Defining the crim

e of financing of terrorism, providing penalties therefor and for other purposes shall
be known as “The Terrorism Financing Prevention and Suppression Act of 2012”.

Section 2. Declaration of Policy. – It is the policy of the State to protect life, liberty,
and property from acts of terrorism and to condemn terrorism and those who support
and finance it and to recognize it as inimical and dangerous to national security and
the welfare of the people, and to make the financing of terrorism a crime against the
Filipino people, against humanity, and against the law of nations.
The State, likewise, recognizes and adheres to international commitments to combat
the financing of terrorism, specifically to the International Convention for the
Suppression of the Financing of Terrorism, as well as other binding terrorism-related
resolutions of the United Nations Security Council pursuant to Chapter 7 of the
Charter of the United Nations (UN).

Toward this end, the State shall reinforce its fight against terrorism by criminalizing
the financing of terrorism and related offenses, and by preventing and suppressing
the commission of said offenses through freezing and forfeiture of properties or
funds while protecting human rights.

V. Summary, Conclusions and Recommendations

Bibliography

Appendices

https://unafei.or.jp/publications/pdf/RS_No79/No79_12PA_Sosa.pdf
https://acg.pnp.gov.ph/main/cyber-security-bulletin/20-publications/42-cybercrime-
threat-landscape-in-the-philippines.html
https://www.itu.int/en/ITU-D/Cybersecurity/Documents/
GCI_Conceptual_Framework.pdf
https://www.usip.org/sites/default/files/sr119.pdf