Over 2,100 servers in M’sia hacked

  • Nation
  • Friday, 17 Jun 2016

Minister of Science , Technology and Innovation (MOSTI) Datuk Seri Panglima Madius Tangau (2nd right) during the Soft Launch of the CSM-ACE 2016. Looks on from left Suhaimi Hamzah , Jen Tan Sri Mohd Azumi Mohamed and Dr. Amirudin Abdul Wahab.. -- M. Azhar Arif/The Star 16 June 2016

KUALA LUMPUR: Malaysia’s national cybersecurity agency said it detected intrusions in several local servers for years and issued advisories to victims but ignorance was still making them easy targets for hackers.

It was found that over 2,100 servers have been compromised and their access sold to hackers for as low as RM29 (US$6) up to RM24,600 (US$6,000) on an underground cybercrime shopping website, xDedic, the “eBay of cybercrime” where hackers shop access and passwords for infiltrated servers worldwide for criminals to buy.

These servers belong to government agencies, banks, universities and businesses, said computer security company Kaspersky Lab, which unearthed the market.

Once in the server, hackers can have all the personal information of users attached to that server.

As at June 15, there were 70,624 hacked servers up for sale. Malaysian servers were the 10th most in demand, it said.

CyberSecurity Malaysia chief executive officer Dr Amirudin Abdul Wahab said his agency would work with Kaspersky Lab to get more details on the compromised servers and offer assistance in fixing the intrusions.

But that will be difficult, if the victims do not know they are victims or had taken a lackadaisical approach to cybersecurity, he said.

“Cybersecurity is everyone’s responsibility. People thought having a firewall is enough but the most vulnerable part of cybersecurity is still people. You can have a firewall but when a worker opens something with their computer, it gets in.

“Then many don’t have the proper process of managing things, you have to cover the whole ecosystem in cybersecurity,” he said.

Dr Amirudin said companies may engage the agency’s Cyber DEF service to skim their servers for intrusions and to clean and plug any weaknesses.

The Kaspersky Lab report comes as Science, Technology and Innovation Minister Datuk Seri Madius Tangau called for Malaysian companies and agencies to have more cyber resilience and adopt better practices that would allow them to recover quickly from cyber attacks.

“In today’s cyber threat scape, we need to recognise that security goes beyond systems, software or IT departments. Cyber resilience focuses on the preventive, detective and reactive controls in an IT environment to assess gaps and drive enhancements to the overall security posture of the entity,” he said during a soft launch for Cybersecurity Malaysia’s Award, Conference and Exhibition yesterday.

The conference and exhibition will see industry experts discussing the latest threats to cybersecurity and preventive measures that need to be taken.

Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 1
Cxense type: free
User access status: 3
Subscribe now to our Premium Plan for an ad-free and unlimited reading experience!

Next In Nation

Malaysia’s economy expands 8.9%
Sultan Abdullah grants audience to Qatari DPM
Experts: Provide incentives to help boost EPF savings
‘Our licence valid in Maldives’
So close to end of the road
Najib plays his last card
‘Najib and Arul Kanda amended 1MDB audit report to cover themselves’
We will not abandon our client in appeal, says Zaid
Editor’s bid to question defamation charge ‘premature’
Potential data breach at iPay88 still under probe, says Bank Negara

Others Also Read