Following a wave of attacks on Malaysian sites before Merdeka Day, cybersecurity experts are recommending website operators to be prepared ahead of Malaysia Day.
CyberSecurity Malaysia (CSM) Responsive Services Division senior vice president Dr Aswami Fadillah Mohd Ariffin says attacks of this nature tend to happen around this period annually, especially following any statements that could have been deemed “sensitive” and could have angered neighbouring countries.
The Malaysian Computer Emergency Response Team (MyCERT), a department under CSM, had released an alert warning of mass defacements of Malaysian websites in the lead up to Merdeka Day, following a spike in incidents starting from Aug 28.
“This year is worse, with over 400 defacement reports. It was due to the statement made on an e-hailing provider,” he said, referring to Indonesian tech giant Gojek.
Aswami said based on the information and messages left on the defaced websites, it appeared the attacks were from Indonesia, or made to look like they were.
MyCERT's alert recommends system administrators to secure their systems against security threats by deploying firewalls, intrusion prevention systems (IPS), and network and host-based intrusion detection systems (IDS) to prevent and log most generic attacks.
It also recommends regular system vulnerability assessments and backups of all critical information to limit the impact of data or system loss, and encourages organisations to report security incidents to relevant authorities
And advises companies to ensure their systems, applications and third-party add-ons are updated with the latest security patches.
Cybersecurity firm Trend Micro Malaysia managing director Goh Chee Hoh says it is crucial for organisations to continue to stay vigilant and keep their business applications and infrastructure updated.
Defacement takes a considerable toll, particularly when current and potential customers or partners are unable to access a portal, he says.
He recommends leveraging security at the web application level, including web app firewalls for monitoring and guarding against traffic that could threaten website performance and usability.
CyberSecurity Malaysia (CSM) Responsive Services Division senior vice president Dr Aswami Fadillah Mohd Ariffin says attacks of this nature tend to happen around this period annually, especially following any statements that could have been deemed “sensitive” and could have angered neighbouring countries.
The Malaysian Computer Emergency Response Team (MyCERT), a department under CSM, had released an alert warning of mass defacements of Malaysian websites in the lead up to Merdeka Day, following a spike in incidents starting from Aug 28.
“This year is worse, with over 400 defacement reports. It was due to the statement made on an e-hailing provider,” he said, referring to Indonesian tech giant Gojek.
Aswami said based on the information and messages left on the defaced websites, it appeared the attacks were from Indonesia, or made to look like they were.
MyCERT's alert recommends system administrators to secure their systems against security threats by deploying firewalls, intrusion prevention systems (IPS), and network and host-based intrusion detection systems (IDS) to prevent and log most generic attacks.
It also recommends regular system vulnerability assessments and backups of all critical information to limit the impact of data or system loss, and encourages organisations to report security incidents to relevant authorities
And advises companies to ensure their systems, applications and third-party add-ons are updated with the latest security patches.
Cybersecurity firm Trend Micro Malaysia managing director Goh Chee Hoh says it is crucial for organisations to continue to stay vigilant and keep their business applications and infrastructure updated.
Defacement takes a considerable toll, particularly when current and potential customers or partners are unable to access a portal, he says.
He recommends leveraging security at the web application level, including web app firewalls for monitoring and guarding against traffic that could threaten website performance and usability.
Already a subscriber? Log in
Get 20% OFF The Star Digital Access
Cancel anytime. Ad-free. Unlimited access with perks.
