Putting a stop to cybercrime


Amirudin: Critical for all institutions to be well prepared and not fall victim to ransomware.

MANY measures can be taken to keep education institutions safe from the growing threat of cyber attacks – a menace they are facing more and more as learning continues in the cybersphere.

CyberSecurity Malaysia (CSM) chief executive officer (CEO) Datuk Dr Amirudin Abdul Wahab said it can be challenging – but critical – for all institutions to be well prepared and not fall victim to ransomware.

“Institutions that build a strong cybersecurity foundation will find themselves far less vulnerable to attacks,” he told StarEdu.

The first line of defence, he said, is practising “good network and security hygiene”.

Such measures, he added, include segmenting networks to make it harder for ransomware to spread from system to system, keeping endpoint anti-malware software up to date, and patching known vulnerabilities in operating systems and applications as quickly as possible.

“Steps such as continuously testing defences, as well as users to ensure they can detect and avoid email attacks, are vital.

“Having strong data-exfiltration defences, multi-version backups with the ability to quickly restore systems, and an emergency response plan can help ensure an organisation survives a ransomware attack,” he said.

CLICK TO ENLARGE
CLICK TO ENLARGE

Students and staff must also play their part in defending their education institutions from cyber attacks and it begins with awareness of cybersecurity and online safe practices.

“IT system administrators handling campus networks must also develop proper policies and procedures to be able to mitigate and respond to any incidents should they occur eventually,” said Amirudin.

He said CSM – through their Malaysia Computer Emergency Response Team (MyCERT) – advises Internet users to be updated with the latest security announcements and follow best practices for security policies to determine which updates should be applied.

While adopting the latest technology can help to protect against cyber threats, Malaysian Association of Private Colleges and Universities (Mapcu) president Datuk Parmjit Singh said it may not be enough.

“Having sophisticated technologies such as artificial intelligence-powered cyber defence systems with self-learning technology to detect and respond to cyber attacks does help to contain such attacks but this alone is insufficient,” he said.

He said attackers tend to target security’s weakest link – people.

Hence, Parmjit is in support of inculcating a continuous learning culture about cybersecurity – which is “a very important element in combating this kind of war”.

“Having knowledge of monitoring and preventing cyber attacks is not sufficient as attacks are driven with almost unlimited capabilities,” he said, adding that new approaches are needed in learning how to deal with them, including simulating complex cyber attacks.

Parmjit, who is also Asia Pacific University of Technology & Innovation (APU) CEO, said the university also collaborates closely with leading cybersecurity organisations and has established its own Security Operations Centre (SOC) to counter these cyber threats, in collaboration with the Malaysia Digital Economy Corp (MDEC) and industry partners.

“This allows us to implement four key measures: predict, prevent, detect and respond,” he added.

Microsoft Malaysia national technology officer Dr Dzahar Mansor said one good way of protecting oneself from cyber attacks is adopting modern security approaches such as “Zero Trust”.

“Zero Trust is based on the principle of never trusting, always verifying. Through this, it ensures continuous verification of identities, devices and services within the organisation to not only reduce exposure to digital threats, but to also prevent them altogether,” he added.

APU deputy vice-chancellor and chief innovation officer Prof Dr Vinesh Thiruchelvam said defending against ransomware attacks requires a tiered approach to be used for the security model that is in place.

“A strategy playbook is essential for the network’s overall health,” he said, adding that higher education institutions in Malaysia apply three guiding principles – explicit verification, usage of least privileged access (LPA) and breach assumption – to protect themselves from malware.

“Explicit verification shuts the gaps in multi-factor authentication (MFA) coverage across the network. The idea is to use all available data – identity, endpoint, and network data – to authenticate all access requests by default regardless of origin.

“For LPA, privileges and access to digital resources should be provided on a strictly ‘needs’ basis, to ensure attackers have fewer opportunities to move laterally within the network even after an initial breach,” he said, adding that access should be frequently audited.

“Institutions should also adopt a ‘breach assumption’ mindset where the network monitoring system in place operates under the assumption that a breach has happened or will occur,” he added.

Get 20% OFF The Star Digital Access

Monthly Plan

RM 13.90/month

RM 11.12/month

Billed as RM 11.12 for the 1st month, RM 13.90 thereafter.

Best Value

Annual Plan

RM 12.33/month

RM 9.87/month

Billed as RM 118.40 for the 1st year, RM 148 thereafter.

Follow us on our official WhatsApp channel for breaking news alerts and key updates!

Next In Education

Zambry hits back at Nga over 'tortoise' remark on UEC issue
Melaka Education Dept probes penknife incident, tightens security at schools
Nearly 162,000 special needs students enrolled under Education Ministry, Dewan Rakyat told
Over 8,000 teaching vacancies filled this year, thousands more to be deployed, Dewan Rakyat told
School stabbings show an urgent need for stronger preventive measures, says Lam Thye
Over 96,000 Form Six students to receive Early School Aid
Govt approves 10-year extension of TAR UMT tax exemption
Unfair, highly restrictive tax-exempt conditions imposed on TAR UMT, says MCA president
TARC Education Foundation receives three-year tax exemption extension
PM congratulates 17 Malaysian students on hauling 22 medals at Olympiad finals in Macau

Others Also Read