Be more active in fight against cyberattacks, Kaspersky tells Malaysia

AGAINST the backdrop of constantly evolving cyber threats, Malaysia needs to take a more active stance in prioritising cybersecurity, anti-virus provider and cybersecurity company Kaspersky’s findings suggest. 

In a statement, Kaspersky said cyberattacks on information and communications technology (ICT) supply chains are on the rise, a dangerous trend as vulnerabilities can be introduced at any phase and affect Governments, enterprises and the public.

“When cybercriminals gain backdoor access to the systems of their clients, they can infect thousands of systems at once,” it explained. “The more entry points, the bigger the attack surface becomes (and) when one part gets affected, a domino effect soon follows.”

There were a number of high-profile ICT supply chain attacks last year, according to Kaspersky. For instance, in 2021, while investigating the artifacts of a supply-chain attack on an Asian Government certification authority’s website, Kaspersky discovered a Trojanised package that dates back to June 2020.

Unravelling that thread, Kaspersky researchers identified a number of post-compromise tools in the form of plugins that were deployed using PhantomNet malware, which was, in turn, delivered using the aforementioned Trojanised packages. 

Genie Gan, Kaspersky’s head of public affairs and Government relations for Asia Pacific & Middle East, Turkey and Africa, explained that the threat actor’s real target was the Government entity.

However, as the certification authority was a weaker link in this supply chain, the actors decided to exploit the trust between the Government and the certification authority.

“To prevent this, the defenders need to operate on the basis that their system is compromised and look for signs of an attack, rather than assume that they can be prevented using traditional products,” she said.

According to National Security Agency chief executive Rahamzan Hashim, cyber incidents in Malaysia are indeed on the rise: there were 4,194 incidents reported in 2020, 5,575 in 2021 and 5,626 as of September this year. 

Thousands more web threats

In the first half of the year (1H 2022), Kaspersky also detected 20,948,843 different web threats on the computers of Kaspersky Security Network (KSN) participants in Malaysia.

Attacks via web browsers are the primary method for spreading malicious programs. Exploiting vulnerabilities in browsers and plugins, as well as social engineering, were the most common ways used by cybercriminals to penetrate the systems.

The global cybersecurity company’s fresh data also showed that 16,498 malicious installation packages on mobile were detected and blocked in the country by Kaspersky, and that 3,285,350 brute force attacks against Remote Desktop Protocol (RDP) on computers running Windows were further foiled during this period.

In addition, Kaspersky’s anti-phishing systems also blocked 1,791,751 phishing attempts in Malaysia during the first six months of the year. 

Recognising the risks and impact of ICT supply chain cyberattacks, Kaspersky urged Putrajaya to collaborate with its neighbours and private companies to further build its cyber-resiliency.

This would complement Malaysia’s existing legal policies and regulatory frameworks on cybersecurity that have already been laid out and are currently in place, it noted.

“Looking at Malaysia’s unique cybersecurity landscape and how it is dealing with cyberattacks, it appears that the country is now in the intermediate stage of cybersecurity readiness,” said Gan.

Intermediate-level countries are those that have identified cyberattacks as areas they need to look into and have attempted to make some inroads. But the goal is to have the country move to the advanced stage, where Kaspersky hopes to see it doing more in terms of development.

Gan recommended the following specific action steps to strengthen the ICT supply chain in Malaysia:

  1. Develop core principles and technical standards to ensure a consistent level of cybersecurity across all companies involved;
  2. Incorporate actionable national cybersecurity strategies;
  3. Improve procedures and regulations on ICT supply chain infrastructure;
  4. Prioritise private and public mutual cooperation and cybersecurity capacity building;
  5. Constantly improve security awareness; and
  6. Continually promote skills training and enhanced collaboration to support incident response capabilities and ensure the safety and well-being of its citizens. – Oct 29, 2022

 
