Facing cyberattacks in 2016 and beyond

Be prepared: More and more local organisations may be exposed to cyberattacks. Pictured is CyberSecurity Malaysia’s Data Forensics lab. — CyberSecurity Malaysia.

Cyberattacks in Malaysia have increased dramatically over the past decade. In 2015 alone, CyberSecurity Malaysia received 9,915 reports on cyber-related incidents.

This figure does not include cases that go unreported almost daily. As our government aims to increase Malaysia’s Internet penetration from the current 67% to 95% by 2020, more and more local organisations may be exposed to cyberattacks.

These cyberattacks have leaked sensitive personal and business information, disrupted critical operations, and inflicted immense costs on the economy.

Unlike before, today’s cybercriminals have the persistence, the technology, and the skills to mount highly successful attacks on businesses and governments.

Their efforts have turned cybercrime into a big global business, resulting in valuable private and sensitive data being stolen on a massive scale. Daring cyberattacks on government IT infrastructures in several parts of the world are already a major concern for most countries.

The motives for attacks on critical cyber infrastructures are multifold. Some cyberattacks are launched to secure intelligence data in order to compromise a country’s sovereignty.

Others are by cyber criminals seeking financial gains.

Disruption to Malaysia's Critical National Information Infrastructure (CNII), theft of financial data and intellectual property will undoubtedly drive investment away from countries whose systems are seen to be insecure.

The challenge, therefore, is to make Malaysia a safer place to do business in cyberspace, and a developed nation.

Regional cross-border collaboration

As we all know, cyberspace is a crucial platform to any country’s well-being and prosperity.

It facilitates greater innovation; enhances efficiency in the production and distribution of information, goods and services; and allows companies to compete in a global economy.

The primary focus of CyberSecurity Malaysia in 2016 is to promote further intra-regional cooperation and cross-border collaboration with regional cyber security agencies.

So far, CyberSecurity Malaysia has forged 24 collaborative partnerships with various organisations locally and regionally, including members of the Asia Pacific Computer Emergency Response Team (APCERT) countries as well as the Organisation of Islamic Cooperation-Computer Emergency Response Team (OIC-CERT) countries.

Most recently, a Memorandum of Understanding (MoU) was signed with the Indian Computer Emergency Response Team (CERT-In), Department of Electronics and Information Technology of the Republic of India.

The MoU has already set in motion several initiatives. This includes developing a framework for response management to cyberattacks. A framework will also be developed to facilitate cross-border cooperation between the two Computer Emergency Response Teams.

Through Malaysia’s Malware Research Centre, there will be mutual collaboration in analysis and sharing of threat research information of malware and other computer security threats. Being the deputy chair of APCERT, CyberSecurity Malaysia will continue to expand such strategic partnerships throughout the Asia Pacific.

Those responsible for national security matters must realise that cyber-attackers are turning to Advanced Persistent Threats (APTs) to target military, defence and sensitive government information. Many organisations, unfortunately, still rely on legacy security solutions which are not effective against today's APT attacks – which also combine vectors like social engineering.

An advanced persistent threat (APT) is a network attack in which an unauthorised person gains access to a network and stays there undetected for a long period of time.

The intention of an APT attack is to steal data rather than to cause damage to the network or organisation.

Institutions in the Critical National Information Infrastructure (CNII) sectors should pay attention to the process of detection, response and recovery from a cyber-attack.

They also must equip themselves with effective, proactive, preemptive and preventive incident response.

People, Process and Technology

Companies must be guided by three key tenets: People, Process and Technology. Failure to address human factors and engage employees as part of an integrated security strategy will leave today’s businesses and governments critically vulnerable to a cyberattack.

Without training, workers will lack the skills and knowledge to adequately protect their companies’ networks from cyberattacks. Cybersecurity awareness and commitment to best practices must involve employees at every level.

Employees can be your first line of defense against cyberattacks. As such, CyberSecurity Malaysia is also looking at capacity building to enhance knowledge in cybersecurity.

Technical skills and knowledge enhancement can be attained through information security competency and capability training courses and certifications such as CyberSecurity Malaysia’s Cyber Security Professional Development Programme.

The Cyber Security Professional Development Programme is set up to nurture the information security workforce with the required knowledge and skills, and to provide training and consultancy on developing Computer Emergency Response Teams (CERTs), Information Security Management Systems (ISMS) and much more.

With cybercrimes rising exponentially in scale and sophistication, the government alone may not be able to cope with the threats. The solution is to create a cyber ecosystem that encourages public-private partnerships to address the dangers to national security and societal well-being.

Public-private cooperation improves effectiveness of risk management through sharing of information, experience and resources. Such a partnership also increases innovation and develops competency to enhance the cybersecurity ecosystem.

We, in CyberSecurity Malaysia, are keen to engage with academic researchers and industry practitioners in a public-private partnership that would yield cutting-edge technologies, new methodologies and a capability to deal with any emerging cyber-threat that could harm new and evolving systems in our cyberspace, such as those built on the Internet of Things (IoT) and Big Data.

Ultimately, we want to make Malaysia resilient against cyber-attacks. To achieve this, Malaysia has been organising national-level Critical National Information Infrastructure (CNII) cyber-crisis exercises known as ‘X-Maya’. Through X-Maya drills, the level of cyber preparedness among CNII sectors will be raised as more organisations implement proper internal mechanisms and procedures to cope with cybersecurity incidents.

For example, by extending conventional penetration testing into a simulated response and remediation mode, companies can train their employees and improve their readiness.

The risks from global cyberattacks will be greater in the coming years as criminals and terrorists gain access to new skills and technology. It is imperative that we protect our cyberspace. So let us be prepared and ensure that we have the most effective defence in our system to deter and defeat all cyber attacks.

Dr. Amirudin Abdul Wahab is the chief executive officer of CyberSecurity Malaysia.