Dikemaskini 1:48 AM, 10 May, 2018
A+ A A-

No one is safe from cyberattacks, security experts warn

Universiti Kebangsaan Malaysia cyber security researcher Prof Dr Zarina Shukur said all internet users were at risk, even though they are not the main targeted of this ransomware. Universiti Kebangsaan Malaysia cyber security researcher Prof Dr Zarina Shukur said all internet users were at risk, even though they are not the main targeted of this ransomware.

Consumers should not lower their guard when it comes to cyberattacks as everyone is at risk, security experts warned.

Cyber security expert C.F. Fong said consumers must constantly ensure that their computer software is always up-to-date since the tools used (such as WannaCry) do not distinguish their victims.

He said users should be vigilant in relation to emails and to not open any links or download attachments in emails from unfamiliar or suspicious sources.

“Unlike large enterprises, users may not have large investments on security defence technologies.

“As such, consumers are strongly advised to always update their systems, anti-virus, and practice safe internet habits such as not downloading pirated software,” he told the New Straits Times today.

Fong, who is also the founder of Malaysian cybersecurity firm LGMS, said proactive preventive measures should be carried out by monitoring and performing frequent vulnerabilities assessment and penetration testing on computer assets.

The government, he said, should be working hand-in-hand with the private sectors to tackle the matter.

“The government agencies here rarely engage private sectors for assistance. A good example is Wannacry, whereby Cyber Security Malaysia had only received two cases, whilst private security firm like LGMS has been working on more than 16 incidents.

“Both private and government sectors need to work closer,” he stressed.

Fong also warned users that the threat was far from over and one could expect more ransomware cyberattacks following WannaCry and NotPetya.

He said based on the National Security Agency (NSA) leaks, multiple exploits were used to target a variety of network devices and Unix operating systems.

“We haven’t even seen these use in the wild yet, and since the exploit codes are publicly available, script kiddies can easily use those code base to compile their own flavour of attacking tools.

“So we will be expecting nothing less than Wannacry or NotPetya,” he said.

Universiti Kebangsaan Malaysia cyber security researcher Prof Dr Zarina Shukur said all internet users were at risk, even though they are not the main targeted of this ransomware.

“Like the previous Wannacry, please backup your data and don’t click any suspicious link. Patch your windows and update your anti-virus software.”

CyberSecurity Malaysia yesterday issued an alert on a ransomware attack known as ‘Petya Ransomware’.

Its chief executive officer Datuk Dr Amirudin Abdul Wahab said Petya Ransomware encrypts the Master File Tree tables for NTFS partitions and overrides the Master Boot Record of infected Windows computers, making affected machines unusable.

Behaving similarly to WannaCry Ransomware, he explained that it infects unpatched Windows devices by exploiting a vulnerability, known as EternalBlue, which Microsoft patched in March (MS17-010).

“At present, we are closely monitoring the situation. Our technical team is on standby and consistently keeping abreast with other CERTs (Computer Emergency Response Team) around the world to obtain and exchange latest information about the attack.

“So far, we have not received any incident report with regards to the attack. We have issued an alert specifically on this incident and we would like to suggest system administrators to refer to our alert and update thru our portal.

“In view of the numerous cyberattacks and various possible online incidents, Internet users must equip themselves with cyber security knowledge. They have to take cyberattacks and online incidents as new challenges in this new digital environment and use technology positively,” he added. - NST

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.