More cyberattacks, ransomware, hacking expected

K PRAGALATH

More cyberattacks, ransomware and hacking activities are expected to emerge in line with the increasingly reliance on computers and online connectivity, said an information communication technology security specialist.

Referring to hacking and subsequent ransomware of the Malaysian Airport Berhad Holdings (MAHB) networks which reportedly caused disruption to the country’s main airport at the Kuala Lumpur International Airport (KLIA), Promega Knights Sdn Bhd chief executive officer Teh Chin Hin, said that currently infrastructure and utilities are vulnerable.

“It is a lesson for all corporate giants and branded entities. We have been notifying them of possible cyberattacks for a while. It is just that in Malaysia, safety and security levels surrounding the cyberworld is relatively low,” said Teh when contacted.

Teh said that Indonesia is now more aggressive in cybersecurity after its new airport at Jakarta was also a victim of ransomware last year.

MAHB informed that an investigation was launched immediately, including notification to the Civil Aviation Authority of Malaysia (CAAM) after it was made known of the ransomware.

Crippling effect

Prime Minister Datuk Seri Anwar Ibrahim yesterday said that an alleged hacker recently demanded US$10 million from the government after unloading a cyberattack in the form of a deadly virus against MAHB’s digitalised system.

Teh said that the ransomware can cripple the networks of their intended targets, and it could be days to weeks to fully regain control of one’s own system.

“Hackers or infiltrators are fully aware of their victim’s response, cybersecurity apparatus and the standard response time. We need to stay ahead of them by investing in the right security systems and have a proper crise management plan in placed.”

Teh said that hackers also know their target’s compliance level and they know when their victims are opening themselves up to cyberattacks.

Security specialists can help minimise the attacks through a proper monitoring system and to often test the robust internal firewall security system, said Teh.

There is a need to constantly test and install the latest security firewalls.

According to Teh, it is believed that in the past year, up to 30 major local companies have been exposed to a form of cyberattack.

“Whether they managed to detect it early or ward off the ransomware or hacking attempt, the fact is that there are evil people who are adept in hacking systems.”

Many companies also prefer to keep the cyberattacks private for fear of ruining their reputation but to him, a degree of transparency is needed to fight against the hackers.

“We cannot think that we are opening up a can of worms. We must work to protect our data and our networks at all times. And we need to produce skilled personnel on how to handle the attacks while at the same time, to have a proper crises management standard to adopt.”

He believed that the next wave of attacks may target the semiconductor industry, as hackers will get a big name if they cripple the supply chain of the electronics and electrical trade.

The best is to be prepared at all times since majority of the companies have their networks on at all times in view their businesses are nowadays migrating to the digital platform, he said.

NACSA, NSC needs to collaborate

Thousands of passengers were apparently left stranded after flights were affected following a cyberattack on the MAHB system, leading to the disruption at the KLIA.

According to reports in the New Straits Times quoting sources, this caused a major disruption which began in the early hours of March 23.

Reports said the airport’s flight information display system, check-in counters and baggage handling were inoperative, forcing airlines and airport staff to switch to manual operations

In a related development today Prime Minister Datuk Seri Anwar Ibrahim’s senior press secretary Tunku Nashrul Abaidah confirmed that the former instructed National Cyber Security Agency (Nacsa) and the National Security Council (NSC) to work closely with Malaysia Airports Holdings Bhd following the recent cyberattack.

“The collaboration between government agencies and industry players must be well-coordinated to ensure that the nation’s critical infrastructure remains highly secure against any threats.

“The capacity and competency of local experts must continue to be strengthened to reduce reliance on foreign entities in managing the country’s critical systems.

“The readiness of local experts to respond to cybersecurity incidents will remain a priority for the Madani government.

“This serves as a guarantee to uphold public and investor confidence in the country,” he said.