19 June 2023

Smart Communications - a wholly owned subsidiary of PLDT Inc. - provides mobile communications services, high-speed internet connectivity, and access to digital services and content.

For PLDT and Smart, keeping children safe online has become a key target. The legal and regulatory affairs group at PLDT is engaging with Congress to craft new laws pertaining to child protection. The corporate communications group builds awareness amongst the community on the same topic, incorporating a cybersecurity perspective to ensure that children across the Philippines are protected from harm online.

In line with their ethos, the cybersecurity operations team set out to build an AI-based fully automated platform to block traffic related to Child Sexual Abuse Materials (CSAM), demonstrating their commitment to securing not just users and network infrastructure but also keeping children safe online. The goal was to build a Child Protection Platform to block CSAM traffic, especially at a content level, without violating privacy laws.

As the country’s largest fully integrated telco, PLDT and Smart are the only telco companies in the Philippines with the ability to block up to the content level instantly, keeping children safe, and preventing abusers from taking advantage of children online.

“This platform is built based on a concept. The primary challenge was to block all traffic related to CSAM, especially at the content level, as illicit files have filtered their way into legitimate domains,” said Angel Redoble, group CISO of PLDT, Smart, and ePLDT (the ICT arm of PLDT Enterprise).

However, the law does not allow internet service providers (ISPs) in the Philippines to actively sift through information that passes through their network. PLDT and Smart employ open-source threat intelligence gathering, invest in available commercial threat intelligence, and depend on law enforcement agencies to share the links of CSAM materials posted on the internet.

PLDT and Smart were looking for a comprehensive fully automated solution to bring consistent security and visibility to their network. The team considered privacy laws, customer experience, and false positives so that they did not end up blocking access to sites that are deemed to be CSAM when they are not.

Taking control of the network

Smart and PLDT required a comprehensive and scalable solution alongside 5G expansion to provide granular visibility, control, and automated security to tackle an expanding attack surface due to the growing interconnectivity, speed, and scale of 5G networks.

“We needed a trusted cybersecurity technology company who would be at the centre of our platform and provide consistent security and visibility across our network. Since it was imperative that the solution needed to be tailor-built to suit our needs, we were on the lookout for an innovative cybersecurity partner, which we found in Palo Alto Networks,” said Redoble.

Palo Alto Networks was equally invested in creating a safe online experience for children, being simultaneously invested in its own Cyber Safe Kids program.
Enabling PLDT and Smart Child Protection Platform with Palo Alto Networks, the cybersecurity operations team built the PLDT and Smart Child Protection Platform from scratch to satisfy not only the required functionality but also the processes that would successfully operationalise it across multiple groups within PLDT and Smart, leveraging automation and orchestration. The solution needs to be fully automated, and AI-based to span fixed line and wireless environments seamlessly.

PLDT and Smart then released a Request for Proposal, which challenged leading cybersecurity vendors, including Palo Alto Networks, for a live proof of concept (PoC) on how they will deploy and operationalise their Child Protection Platform within two months. After a two-month live PoC that included the integration with the network operational and security operational processes, the team was satisfied with how the Palo Alto Networks platform, comprising Machine Learning Next-Generation Firewalls (ML-NGFWs) and Cortex XSOAR, met the extensive integration, orchestration, automation, and security requirements of the PLDT and Smart Child Protection Platform.

Since the Philippine law does not allow ISPs to actively sift through information that passes through their network, PLDT and Smart needed to ensure that the Palo Alto Networks platform, consisting of ML-NGFWs and Cloud-Delivered Security Services, including Threat Prevention, Advanced URL Filtering, WildFire and 5G-Native Security, can block traffic related to CSAM. Palo Alto Networks scrutinises the content and converts URLs for redirection. Through matching the blocked URLs against the blocked listing policy, necessary steps are taken to alert PLDT and Smart that the user is trying to access CSAM.

Since the Child Protection Platform from PLDT and Smart extensively leverages automation and orchestration, it can be easily and proactively scaled and integrated to address future challenges as the organisations, and their requirements evolve. More than one billion access attempts blocked in real time to date Since November 2021, more than one billion access attempts to blacklisted URLs have been blocked in real time. The impact of this project is immense, given the objectives of this project.