Cybersecurity is top concern, as online threats mount in Malaysia by 82.5%
With droves of people spending more time online than ever before, the current global climate has awarded hackers and other online predators of the most unsavory kind with ripe hunting ground, and a steady, unwitting supply of potential victims.
As the saying goes, idle hands are the devil’s playground, and when those idle hands belong to industrious cybercriminals, the playground becomes the infinite expanse of the internet. A plethora of malicious scams and intrusions have been detected over the last month or two, affecting vulnerable and sometimes completely oblivious systems all over the world.
In Malaysia, a total of 838 cybersecurity incidents have been reported to CyberSecurity Malaysia between March 18 and April 7, the same time period that the Malaysian government invoked a movement control order (MCO) that heavily restricted free movements around the country.
The number of reported incidents is a staggering 82.5 percent increase compared to the same time frame last year, with the majority of cases involving some form of cyberbullying, fraud, or intruding into an unauthorized system.
Phishing and email scams claiming to contain COVID-19 content represent a fair amount of the fraudulent cases, mirroring the uptick in email, SMS, and other deceptive tactics that have been plaguing Australian web users.
Cyber intrusions such as data breaches and distributed denial of service (DDoS) attacks have been targeting local businesses, accounting for 18 percent of the total reported cases during the MCO period. Other reported cases involve individuals or the targeting individuals within larger organizations in hopes of obtaining illicit data or interfering and causing mischief within the company’s systems.
No word yet on the number of ‘Zoom bombing’ incidents in Malaysia, where hackers gain access to private video conferencing chats and harass the participants. Regional reports have emerged, with intruders disrupting virtual lessons in Singapore schools. In Taiway, the government has officially banned the usage of the popular videoconferencing application within its agencies.
CyberSecurity Malaysia chief executive officer Datuk Dr Amirudin Abdul Wahab has said that company IT teams need to be extra vigilant and “proactive” during this period, raising security flags to their employers as well as associations like CyberSecurity Malaysia and the Malaysian Employers Federation (MEF).
MEF executive director Shamsuddin Bardan says that Malaysian companies need to be more aware and brace themselves for further cyber intrusions. However, he also added that his organization is there to help. “As companies open up our eyes, we need to be more prepared to assist employees in setting up home offices so that we can address cybersecurity, especially when it involves company data and confidential information,” he commented.
Businesses are especially vulnerable, as a significant amount of workers are now working from home, and their devices like laptops and networking infrastructure are less secured than when in their offices. This might expose security vulnerabilities, but there are practical steps that can be taken to secure valuable data and to guard systems.
Not only are organizational assets at risk, but employees themselves are in jeopardy as hackers attempt to gain access and wreak havoc via a user’s personal terminal. The breach attempt could take many forms, ranging from corporate-looking email phishing scam attempts to clicking on seemingly innocent malware-laden links. Staff need to prioritize protecting themselves while working remotely as well.
Many countries with a sizable contingent of digital natives also have some form of cyber policy agency, and Malaysia is no different. CyberSecurity Malaysia issues regular advisories and best practices guidelines through its Malaysia Computer Emergency Response Team (MyCERT) and its outreach program CyberSAFE (SAFE stands for Cyber Security Awareness for Everyone).
Australia has the Australian Cyber Security Centre (ACSC) which helps verify suspicious emails, links and more. Remote working readers in other countries would be well-advised to look up their local cybersecurity advisory committee for localized support and real-time security updates.