PETALING JAYA: Bursa Malaysia Bhd will continue to review and implement measures to ensure that its systems are adequately protected as it places high priority on the security of its systems and the integrity of its operations and services.
The exchange told StarBiz yesterday that during the recent distributed denial of service (DDoS) attack, it deployed contingency technical measures to ensure that data integrity remained intact and was not compromised.
“We have also conducted a comprehensive review of the incident and alerted the relevant authorities for further action,” an official of the Exchange said through an e-mail reply.
The official said Bursa Malaysia was cognisant of the critical role that technology played in its business operations and the Exchange was also working closely with local and foreign security-system experts to safeguard its operations and services.
On Monday, Bursa Malaysia Bhd's website became the target of DDoS attack resulting in users having only intermittent access to it.
In a statement, it said contingency measures were activated to provide continued access to the website.
“As a result of the contingency measures, access by international users may still be temporarily affected. Users in Malaysia are not expected to experience any disruption,” Bursa said.
Bursa Malaysia's other systems were not affected during the incident and trading in its securities, derivatives and Islamic markets continue to operate normally.
An information technology (IT) expert told StarBiz that DDoS happened when a volume of compromised systems attacked a single target, resulting in denial of service for users of the targeted system.
“The constant incoming messages to the target system will force it to shut down denying service to legitimate users,” the expert said.
A recent international IT report said that firewalls or intrusion prevention systems (IPS) alone could not stop DDoS attacks despite being designed to provide network security.
Often the firewall was the weakest link and to stop DDoS attacks, dedicated hardware solutions were needed, not IPS and firewall technologies, it said.
Did you find this article insightful?