Photo (official): (From left) Dr Dzahar Mansor, National Technology Officer, Microsoft Malaysia with Dato' Dr. Haji Amirudin Bin Abdul Wahab, Chief Executive Officer of CyberSecurity Malaysia
According to the latest security intelligence report, attacks on accounts in the cloud have tripled globally as more organisations move their data to the cloud.
Dato' Dr. Haji Amirudin Bin Abdul Wahab, chief executive officer of national digital security agency CyberSecurity Malaysia, was present when Microsoft unveiled the latest edition of its bi-annual Security Intelligence Report (SIR), Volume 22 during a media season in Kuala Lumpur recently.
Dr Amirudin, together with Microsoft Malaysia's national technology officer Dr Dzahar Mansor, focused on the Malaysia findings, which put Malaysia's malware encounter growth "at an alarming rate against the global average."
One key finding is that an average of 12.9 percent of computers running on Microsoft real-time security products in Malaysia reported a malware encounter in the first quarter of 2017.
This is slightly higher than the global average of nine percent, said Dr Dzahar, adding that the report also "found a significant decline in Malaysia's malware occurrences compared to Q1 2016. The malware encounter rate fell by 16.7percentage points compared to last year."
- Ransomware is one of the most infamous malware families in 2017. In the first half of this year, two waves of ransomware attacks, WannaCrypt and Petya, exploited vulnerabilities in outdated Windows operating systems worldwide, disabling thousands of devices by illegitimately restricting access to data through encryption.
- Globally, Win32/Spora has rapidly become one of the most widespread ransomware families and it was the most commonly encountered ransomware family in March 2017. Spora encrypts files with several popular extensions, including .doc, .docx, .jpg, .pdf, .xls, .xlsx, and .zip. This ransomware also has worm capability, enabling it to spread to other computers in the network.
- As cloud migration increases, the cloud has become the central data hub for the majority of organisations. This also translates into more valuable data and digital assets being stored the cloud, making it an increasingly attractive target for cybercriminals.
- The SIR highlighted a 300 percent increase in consumer and enterprise accounts managed in the cloud being attacked globally over the past year while the number of logins attempted from malicious IP addresses have increased by 44 percent year-over-year.
The report added: 'A large majority of these security compromises were the result of weak, guessable passwords and poor password management, followed by targeted phishing attacks and breaches of third-party services.'
Four best practices
Here are four best practices recommended by the report:
- Always practice caution when you are connected to a public internet domain: Assume that you are being watched and monitored; make sure all communications are encrypted and do ensure access to your machine is password protected etc. this is to avoid attackers from eavesdropping on your digital communications, capture login and password details, and access your personal data.
- Ensure your software is always up to date: Safeguard your devices and make sure the latest patches are installed.
- Use the latest technologies and software to ensure better security and privacy to maximize protection against latest threats.
- Make cyber security and data privacy policies and governance high priority in your organisations.
The story behind Malaysia's 'alarming' growth
Dr Amirudin presented some of CyberSecurity Malaysia's take on the factors behind the rising encounter rate.
"A limitless cyberspace, zero boundaries and eroding national borders are just some of the drivers behind the increase of cyber threats," he said. "Today, cyber security concerns represent one of the most serious economic and national security challenges we face as a nation."
"The findings of Microsoft's report underscores this challenge," Dr Amirudin said. "This report's valuable insights will helps us better manage these threats."
Dr Dzahar's comments included a positive note: "Driven by the proliferation of endpoints and the ubiquitous computing power of the cloud, the opportunity for digital transformation to make broad and profound impacts on our society has never been greater."
"However, for digitalisation to reach its fullest potential, users must first trust the technology they use," he pointed out. "In today's digital age, security cannot be an afterthought. It must be 'built-in', all-inclusive and intelligent."
"By making security a top priority, we can build greater trust in technology and enable digital transformation to reach its fullest potential and fulfil its grandest ambitions," said Dr Dzahar. "Microsoft is committed to helping our customers and partners build that trust and the first step is to help them understand the multitude of cyber threats out there so that they can implement more effective ways to manage and neutralize these risks."
To see recent Malaysian digital security news, visit:
- Ransom DDOS attacks hit Malaysian financial firms: Experts advise action plan for IT
- 33 Malaysian websites hacked following SEA Games error: Experts reaffirm security musts for Sysadmins
- WannaCry attacks: Former Malaysian hacker predicted healthcare target
- Global ransomware attacks prompt national 'WannaCry' alert from CyberSecurity Malaysia
- Crash Override, Industroyer malware: CyberSecurity Malaysia calls for critical infrastructure checks
- Malaysia interview: How easy is it to set up as a cyber crook today?