MANY measures can be taken to keep education institutions safe from the growing threat of cyber attacks – a menace they are facing more and more as learning continues in the cybersphere.
CyberSecurity Malaysia (CSM) chief executive officer (CEO) Datuk Dr Amirudin Abdul Wahab said it can be challenging – but critical – for all institutions to be well prepared and not fall victim to ransomware.
“Institutions that build a strong cybersecurity foundation will find themselves far less vulnerable to attacks,” he told StarEdu.
The first line of defence, he said, is practising “good network and security hygiene”.
Such measures, he added, include segmenting networks to make it harder for ransomware to spread from system to system, keeping endpoint anti-malware software up to date, and patching known vulnerabilities in operating systems and applications as quickly as possible.
“Steps such as continuously testing defences, as well as users to ensure they can detect and avoid email attacks, are vital.
“Having strong data-exfiltration defences, multi-version backups with the ability to quickly restore systems, and an emergency response plan can help ensure an organisation survives a ransomware attack,” he said.
Students and staff must also play their part in defending their education institutions from cyber attacks, and it begins with awareness of cybersecurity and safe online practices.
“IT system administrators handling campus networks must also develop proper policies and procedures to be able to mitigate and respond to any incidents should they occur eventually,” said Amirudin.
He said CSM – through its Malaysia Computer Emergency Response Team (MyCERT) – advises Internet users to keep up to date with the latest security announcements and follow best practices for security policies to determine which updates should be applied.
While adopting the latest technology can help to protect against cyber threats, Malaysian Association of Private Colleges and Universities (Mapcu) president Datuk Parmjit Singh said it may not be enough.
“Having sophisticated technologies such as artificial intelligence-powered cyber defence systems with self-learning technology to detect and respond to cyber attacks does help to contain such attacks but this alone is insufficient,” he said.
He said attackers tend to target security’s weakest link – people.
Hence, Parmjit is in support of inculcating a continuous learning culture about cybersecurity – which is “a very important element in combating this kind of war”.
“Having knowledge of monitoring and preventing cyber attacks is not sufficient as attacks are driven with almost unlimited capabilities,” he said, adding that new approaches are needed in learning how to deal with them, including simulating complex cyber attacks.
Parmjit, who is also Asia Pacific University of Technology & Innovation (APU) CEO, said the university also collaborates closely with leading cybersecurity organisations and has established its own Security Operations Centre (SOC) to counter these cyber threats, in collaboration with the Malaysia Digital Economy Corp (MDEC) and industry partners.
“This allows us to implement four key measures: predict, prevent, detect and respond,” he added.
Microsoft Malaysia national technology officer Dr Dzahar Mansor said one good way of protecting oneself from cyber attacks is adopting modern security approaches such as “Zero Trust”.
“Zero Trust is based on the principle of never trusting, always verifying. Through this, it ensures continuous verification of identities, devices and services within the organisation to not only reduce exposure to digital threats, but to also prevent them altogether,” he added.
APU deputy vice-chancellor and chief innovation officer Prof Dr Vinesh Thiruchelvam said defending against ransomware attacks requires a tiered approach to the security model in place.
“A strategy playbook is essential for the network’s overall health,” he said, adding that higher education institutions in Malaysia apply three guiding principles – explicit verification, usage of least privileged access (LPA) and breach assumption – to protect themselves from malware.
“Explicit verification shuts the gaps in multi-factor authentication (MFA) coverage across the network. The idea is to use all available data – identity, endpoint, and network data – to authenticate all access requests by default regardless of origin.
“For LPA, privileges and access to digital resources should be provided on a strictly ‘needs’ basis, to ensure attackers have fewer opportunities to move laterally within the network even after an initial breach,” he said, adding that access should be frequently audited.
“Institutions should also adopt a ‘breach assumption’ mindset where the network monitoring system in place operates under the assumption that a breach has happened or will occur,” he added.