EVERY day, an average of 31 cases of cybersecurity incidents like fraud, hacking and data breaches happen in Malaysia.
Such is the rate as at August this year – an increase from the average of 29 cases a day reported to CyberSecurity Malaysia last year.
The agency’s records show that the number of cybersecurity incidents have been steadily rising – from 10,722 in 2019, to 10,790 last year.
Between January and August this year, 7,495 cases were reported.
The top types of incidents are online fraud like scams, followed by intrusion cases like hacking and web defacements.
Another top cyberthreat are malicious codes like ransomware – a software that blocks you from accessing your data until you pay the cybercriminals holding it hostage.
It’s more common now for organisations and companies rather than individuals to face this type of incident – a trend since 2018.
“There have been 58 cases of ransomware reported to us as of August this year. Of the total, most – 30 – involved companies and organisations,” CyberSecurity Malaysia CEO Datuk Dr Amirudin Abdul Wahab tells Sunday Star.
This means an average of seven ransomware cases are reported in a month – an increase from five cases a month last year.
With many Malaysians still working remotely from home during the pandemic, this has created more leeway for cyberattacks to happen. As employees work away from the office, the connections used to access their organisation’s resources are outside the usual secure network at the workplace.
“Ransomware often strikes when victims download pirated software from unknown sources like websites.
“These files might be embedded with malware that leads to ransomware attacks. The ransom amount varies from 0.02 (US$1,035 or RM4,296) or 0.03 Bitcoin (US$1,554 or RM6,451) or US$980 (RM4,068),” Amirudin explains.
Outside the secure network
It’s inevitable that the Covid-19 pandemic has forced many to embrace working from home.
“This situation requires employees to be vigilant. They should restrict the usage of devices only for work and not mix it up with personal uses,” Amirudin advises.
For some organisations, especially self-driven SMEs, they cannot afford a full suite of secure network features as used by the large enterprises.
“They require employees to use personal email accounts and personal devices for work, which in most cases are not properly set up for secure remote working.
“Therefore, cybersecurity and best practices awareness are important when using our devices for work, either in the office or at home to prevent any incidents,” says Amirudin.
When hit with ransomware, victims are advised never to pay the perpetrators.
“If a victim succumbs to paying up, the perpetrators might see this as an opportunity to demand for more as the victim is desperate and has taken the bait,” he points out.To resolve the ransomware attack, the type of ransomware must be identified, together with any known decryption tools, or “decryptors”, to recover the encrypted files held by the ransomware.
“In many cases, these tools are not able to recover 100% of the files, or maybe even none,” says Amirudin.
Such malware is also frequently updated like other software and is able to use advanced methods to resist security software and tools.
“If a victim is attacked by ‘zero day’, or the latest, ransomware, no decryptors are able to recover the files. This can force organisations and victims to pay the perpetrators to regain access to the system, especially when backups are not made regularly.
“As such, I urge everybody to backup all important files and systems regularly, to enable better chances of recovery in the event of a ransomware attack to avoid loss,” stresses Amirudin.
Strengthen the weakest link
Concurring, Microsoft Malaysia national technology officer Dr Dzahar Mansor says remote work has opened up more opportunities for cybercriminals to exploit vulnerabilities.
“Cybersecurity is just as strong as the weakest link, and poorly secured home networks could present an easier entry point for cyberattacks into corporate networks. Being unaware or even unconcerned about securing our home network against the common tactics used by cyber attackers is what creates these loopholes.
“It is critical that organisations not only leverage trusted technology but also invest in educating their people to reduce the risk of incidents from taking place,” he says.
Dzahar says it’s estimated that 91% of cyberattacks start with an email, which either leads to malicious links directly or which contains dangerous attachments.
“These emails come with attention grabbing headlines and are designed to get the reader to click on the link that is being shared – a simple yet effective strategy,” he says.Advising Malaysian users, Dzahar says experts believe in the “zero trust” approach, whereby users shouldn’t trust anything from within or outside the organisational network perimeter.
“This means that even if a cyberattacker gets through corporate firewalls, additional authentication factors would still be needed to reach each different or sensitive part of the network.
“Multifactor authentication systems for businesses can greatly reduce the risk of identity compromise,” he says.
Everybody should also continuously practise cyber hygiene such as regularly swapping between strong passwords, keeping software up to date and avoiding suspicious links or emails.
To report cybersecurity incidents, contact CyberSecurity Malaysia’s Cyber999 help centre through its emergency hotline at 1-300-88 2999 (office hours) or its mobile number 019-266 5850 (24-hour helpline for critical incidents).
For more information, got to mycert.org.my.