“Our Internet gateway filters spam and malware from entering our network. All email attachments are scanned for viruses and malware using advanced detection techniques that provide a high level of protection. Attachments will be removed if a dangerous file is detected prior to user access. In addition, when users receive messages with links to web pages, the intrusion system in place verifies whether the links are related to phishing scams, which are likely to be a download of viruses or malware onto a user’s device. If users click on a suspicious link, they will be redirected to a warning page for alerts. All our users are required to store their files on a cloud drive service that comes with ransomware detection software that notifies the users when their files have been attacked and guides them through the process of restoring the files if it happens. We also encourage our users to have BitLocker encryption. The Windows Exploit Guard on their personal mobile devices is also provided with advanced protection against ransomware. Most importantly, creating awareness about the importance of protecting themselves from cybercrime particularly during student orientation and staff induction briefings is a critical element in our cybersecurity strategy for combating the never-ending daily battle against cybercrime.”

Asia Pacific University of Technology & Innovation deputy vice-chancellor and chief innovation officer

Prof Dr Vinesh Thiruchelvam

“We have strengthened our cyber defence over the last decade, including changing our IT infrastructure and policies to prevent attacks from hackers, spam, phishing, and computer viruses. The first layer of defence is the firewall which prevents users from downloading malicious code from the Internet, including ransomware. The firewall is also used to manage open ports for the internal network. Our Intrusion Prevention System (IPS) — which inspects the content of the traffic and is able to drop a malicious network request based on either behaviour analysis or through the use of signatures — is used to manage network traffic. Our end-users’ computers are also protected by strong anti-malware software that consists of several security features, for instance, anti-virus, host IPS and exploit blockers. Some of these features focus on preventing ransomware attacks. Backup is essential to recover from a ransomware attack and all staff members and students are given one terabyte of cloud storage for them to store their work files. This cloud storage comes with versioning control which helps users go back in time to restore the files if their computers have been compromised. Similar protection is applied to our IT operation. Backup generation procedures are applied to the database and application servers to help reduce data loss or downtime to the services.”

Universiti Sains Malaysia

Centre of Knowledge, Communication, and Technology Digital Management Division Cybersecurity

Section head Khairil Anwar Jusoh