Malaysians are extremely tech savvy, but often take unnecessary risks with their devices. That was the gist of the statement made by Cybersecurity Malaysia CEO Dr Amirudin Bin Abdul Wahab during a joint media briefing with Symantec. Both the government body and company outlined similar concerns for cybersecurity going into 2017; most of which were contained in Symantec’s Internet Security Threat Report volume 22.
Fraud cases make up the biggest cybersecurity problem in Malaysia today. According to CSM, these make up 46 percent of all reports it received from 2016 to March 2017. By definition, these are mainly people being scammed out of money.
On a larger scale, the global cybercriminals are beginning to use far more sophisticated attacks. There has been a shift towards targeting organisations instead of individuals, as these organisations have been found to be more likely to pay ransoms. The Lazarus Group’s Central Bangladesh Bank heist also represented a new threat against financial institutions.
Email has yet again become the favoured attack vector for hackers and cybercriminals. According to Symantec, nearly one in 131 emails sent in 2016 contained a malicious attachment. This was almost double from the number recorded in 2015. Last week’s Google Docs attack only cemented the position of email as the best way to trick people into executing malware.
On a more local front, CSM recorded some 12,000 cybersecurity incidents last year, as well as 1.3 million spam emails and 4.3 million botnet infections. While complaints of fraud made up the bulk to the reports, cyberbullying also has the body concerned. The number of complaints jumped last year, indicating a greater number of people using the internet to cause mental harm to others.
Symantec and CSM were also concerned about the potential for cyberattacks in Malaysia to evolve and begin targeting infrastructure, like the blackouts that happened in Ukraine last year. According to Amirudin, it is not a question of if it will happen, but rather a matter of when it happens.
CSM pointed out that Malaysian’s lack of security awareness comes from the virtual nature of the interaction. There’s less concern when the threat does not take a real physical nature. However, this may change in the event that threats begin targeting Malaysian infrastructure and shuts down powers stations or the water supply.
CSM reminded the media that it runs its own helpline for those facing cybersecurity problems. The Cyber999 helpline not only provides access to law enforcement for resolving scams and the like, but also offers technical support for other problems. There’s also an app in the event that people don’t want to talk to another human being.