With people spending more and more time online than ever before, hackers and other online predators now have the gift of a ripe hunting ground and a steady, unwitting supply of potential victims.
A plethora of malicious scams and intrusions have been detected over the last month or two, affecting vulnerable and sometimes completely oblivious systems all over the world.
In Malaysia, a total of 838 cybersecurity incidents have been reported to CyberSecurity Malaysia between 18 March and 7 April, the same period that the Malaysian government invoked a movement control order (MCO) that heavily restricted free movements around the country.
The number of reported incidents is a staggering 82.5 percent increase compared to the same time frame last year, with most cases involving some form of cyberbullying, fraud, or intruding into an unauthorized system.
Cyber intrusions such as data breaches and distributed denial of service (DDoS) attacks have been targeting local businesses, accounting for 18 percent of the total reported cases during the MCO period. Other reported cases involve individuals or targeting individuals within larger organizations in hopes of obtaining illicit data or interfering and causing mischief within the company’s systems.
The CEO of CyberSecurity Malaysia stated that company IT teams need to be extra vigilant and “proactive” during this period, raising security flags to their employers as well as associations like CyberSecurity Malaysia and the Malaysian Employers Federation (MEF).
The Executive Director of the MEF stated that Malaysian companies need to be more aware and brace themselves for further cyber intrusions. However, he also added that his organization is there to help.
“As companies open our up eyes, we need to be more prepared to assist employees in setting up home offices so that we can address cybersecurity, especially when it involves company data and confidential information,” he commented.
Businesses are especially vulnerable, as a significant number of workers are now working from home, and their devices like laptops and networking infrastructure are less secured than when in their offices.
This might expose security vulnerabilities, but there are practical steps that can be taken to secure valuable data and to guard systems.
Not only are organizational assets at risk, but employees themselves are in jeopardy as hackers attempt to gain access and wreak havoc via a user’s terminal.
The breach attempt could take many forms, ranging from corporate-looking email phishing scam attempts to clicking on seemingly innocent malware-laden links. Staff need to prioritize protecting themselves while working remotely as well.
Many countries with a sizable contingent of digital natives also have some form of cyber policy agency, and Malaysia is no different.
CyberSecurity Malaysia issues regular advisories and best practices guidelines through its Malaysia Computer Emergency Response Team (MyCERT) and its outreach program CyberSAFE (SAFE stands for Cyber Security Awareness for Everyone).
According to an earlier article, the government through the Ministry of Communications and Multimedia (KKMM) is actively pursuing various initiatives to address cyber threats and crimes including strengthening cybersecurity infrastructure and regulating the communications and multimedia ecosystem in the country.
The Deputy Prime Minister stated that KKMM’s 2019-2023 Strategic Plan was introduced with a focus on strengthening cybersecurity and raising the people’s awareness of digital ethics.
She said KKMM and CyberSecurity Malaysia are also actively implementing various cybersecurity awareness programmes to educate internet users on the dangers of cyber threats and crimes, including the National Cyber Etiquette Initiative which is being developed.
It was noted that the recently launched Cyber Security Modular Professional Certification pilot project was introduced to increase the number of cybersecurity experts of quality in the advent of Industry 4.0.
With this project, the government can somewhat enhance the competency of existing cybersecurity practitioners, nurture new and trusted cybersecurity professionals and enhance the competitiveness of the country’s cybersecurity sector.