This article was first published here on 27 April 2020. Below is the translation in English.
- Whilst COVID-19 engulfs the world, cyber criminals are also making their moves, taking advantage of the situation to spread computer viruses.
- According to MyCERT data, the first three months of 2020 has seen the total of 3,108 cybercrime reports, which is a year-on-year increase of 786 cases or 36%, which seems to coincide with the outbreak of COVID-19.
MyCERT grant – cybersecurity tips
- Online activities remain active, cybercrimes are emerging one after another, such as the WannaCry ransomware attack, causing havocs in computer systems worldwide. Cybercriminals have once again launched an attack whilst the world’s government and people are focused on fighting against COVID-19; other than people losing money, there are some enterprises who suffered losses due to hack into their system.
- Since the start of MCO, MyCERT has published many online guidelines, providing tips to enterprises and users on cybersecurity. The MCO has forced many enterprises to close down, resulting in workers having a lot of free time, but CyberSecurity Malaysia becomes busier than usual.
- From 18 Mar to 7 Apr, MyCERT (an agency under CyberSecurity Malaysia), has received approximately 838 cases of cybercrime reports, including fraud, hacks and online harassment.
- MyCERT has discovered that since the outbreak of COVID-19, cyber criminals used COVID-19 themes to send spam emails or set up phishing websites, taking advantage of users’ need / mentality for the latest COVID-19 information to spread viruses.
Recorded while browsing pornographic sites
- Online blackmail is also on the rise. A Malaysian online user received an email and was informed that his account’s password has been hacked, and he/she was recorded whilst browsing pornographic sites – the blackmailer has asked the user to send Bitcoins or risk the recording being revealed to the public. Typically, the criminals bought users’ information online from the Dark Web, and send out thousands of automatic scam emails, lying to users that their computers have been set up with viruses and controlling the user’s online movement.
- Other than these crimes, during the MCO many online users have also complaint to MyCERT regarding security concerns.
- As many industries have to either stop work or temporarily close their offices, online activities during the MCO has greatly increased, such as working from home (WFH) or entertainment/leisure activities.
- WFH might see the frequent usage of online video conferencing – however Zoom, which received much attention due to the COVID-10, has been found to have security loopholes/gaps; MyCERT has received many enquiries on Zoom. MyCERT also said, although most online conferencing apps have installed security defences, however users should still be careful while using these platforms.
Remote accessing of data is easy to leak
- Due to COVID-19, many companies have started the WFH model to maintain business operations. Although this may reduce social interactions and the spread of the virus, the remote accessing of company data or services also increase the cyber risks.
- Cyber risks include data leak, hacks, work email exposure risks, computer viruses, etc. Most of the risks are a result of the lack of cybersecurity measures by enterprises, lack of understanding towards cybersecurity as well as fragile end user systems.
Ho Siew Kei: ‘It takes constant vigilance to stave off evil’ – Companies need to revamp their cybersecurity
- Ho Siew Kei, Executive Director, Risk Advisory – Cyber Risk, Deloitte Malaysia said, the rate of cybercrimes during COVID-19 is a wake-up call for businesses. During a webinar series hosted by ICDM, he shared that the cybersecurity measures used by companies may not be enough to deal with the cyber risks at hand.
- He said, companies need to revamp their cybersecurity measure, focusing on the current prevailing cyber-attacks, whilst adapting to new situations. In the new normal after COVID-19, cybersecurity focus should prioritise key security monitoring measures and protecting the crown jewels of the organisation.
Company’s cybersecurity measures should be holistic
- In this internet era, technology transformation and cloud applications are common. Even after COVID-19 ends, it is expected that cybersecurity will continue to see threat, and more criminals will try to use different methods to attack an organisation’s operations or back end system.
- Ho said, organisations should maintain a good cybersecurity hygiene, set up crisis response strategy, network repair solutions, as well as increase the defences and preparedness to deal with any possible cyber breach/attack.
- The company’s cybersecurity measures should combine financial, operations, business continue and crisis management, as well as undertake measures to reduce cyber risks, early detection of potential threats and discovery of crisis response programmes and system vulnerabilities.
- A resilient cyber solution should take into account traditional business risk, whilst incorporate new features such as employee support services, external management communication, insurance, etc.
Michele Kythe Lim: Uneven understanding across different businesses in different industries – growing interest in cybersecurity amongst boards
- Michele said, based on a poll conducted by ICDM recently, cybersecurity is a key area of interest for most boards and directors. Whilst board and directors recognise the growing importance of cybersecurity, different directors would have different levels of technical understanding. It is likely that there is an uneven understanding on the risks and compliance in terms of cybersecurity as different businesses in different industries have different levels of dependency and utilisation of technology.
- The most critical perspective that boards and directors need to have is the level of preparedness of their company in terms of cybersecurity. Companies need to review their cybersecurity measures periodically as well as making sure that they are adequately equipped to respond to any potential IT risks.
- Firstly, we need to recognise that cybersecurity is not just about the technology or infrastructure put in place, it also means putting in place the right talent/people with the right cybersecurity skills and knowledge to recognise the priorities that are able to lead effectively in this area within the company.
- Michele also shared, boards are very interested in the cybersecurity and cyber risks topic – the recent webinar series on cybersecurity was well-received. Hence, ICDM will continue to roll out a virtual classroom initiative, to continue providing knowledge sessions around cybersecurity.