Addressing Ransomware Risk for Businesses in Malaysia
THE The Covid-19 pandemic and the resulting momentum for the digitalization of businesses have accelerated Malaysia’s digital economy by leaps and bounds.
However, it has also sparked a wave of opportunistic cyber attacks, with the Malaysia Computer Emergency Response Team reporting more than 8,000 cases this year alone.
Ransomware, a type of malware that locks and encrypts sensitive data on a user’s device, is a particularly concerning issue that has been exacerbated by the scramble for digitization.
In July 2021, the Malaysian Employers’ Federation suffered a ransomware attack involving its encrypted accounting data and its servers went down for three days.
Months later, a hacker attacked Penang-based web hosting service Exabytes – disrupting its Windows virtual private server and Windows hosting services – and demanded a ransom of US $ 900,000 in cryptocurrency.
While both companies managed to restore their servers in a matter of days, there is no doubt that ransomware attacks pose a serious threat that Malaysian businesses must tackle head-on, or face the consequences.
Understanding ransomware and how it happens
What makes ransomware so dangerous is that it doesn’t just infect or corrupt files and devices.
Once the ransomware gains access to a device or database – usually masquerading as a suspicious file or link – it makes critical data inaccessible to anyone without the correct key.
The hacker will demand an exorbitant ransom for the key, and failure to pay within the allotted time usually results in destruction or public disclosure of the data.
This can have catastrophic consequences, such as a serious breach of user privacy and / or the disclosure of trade secrets.
With more organizations migrating to the cloud to accelerate their digital transformation, more robust endpoint security is needed to defend against ransomware, as ransomware programs can also take advantage of the cloud’s improved and persistent connectivity. to spread.
For example, malicious software or application on an infected device may request access to the organization’s cloud.
Once granted, the program can then encrypt the data directly in the cloud and even pass it on to other logged in users, quickly multiplying the severity of the attack.
Organizations that process sensitive data or need uninterrupted access to data are more vulnerable to ransomware and more likely to pay.
In 2021, Colonial Pipeline, the United States’ largest pipeline network for refined petroleum products, paid a ransom of US $ 5 million to hackers after an attack on its computer network forced it to shut down its entire pipeline and caused major disruptions in gas delivery.
However, paying is not always the answer; While 33% of businesses affected by ransomware globally in 2019 decided to pay, 22% never regained data access and 9% even faced more attacks.
Prevent ransomware attacks
Given the devastating disruption of a ransomware attack and the enormous sums at stake, the adage “Better safe than sorry” carries extra weight here.
The first step Malaysian organizations need to take is to strengthen their security infrastructure with a strong and reliable endpoint security solution.
Cyber ââsecurity solutions are typically installed on endpoints and can detect and block malware that infects devices in the first place.
Other preventative features include updating device security and notifying users of malicious websites or folders.
On top of that, email security must also be a top priority for businesses as email phishing, one of the most popular attack vectors, is on the rise – at least 442,439 attempts to phishing attacks were carried out against small and medium-sized businesses in Malaysia during the first half of 2020.
Ransomware attackers “trick” people into clicking disguised links or files in their email, which downloads the ransomware.
This can be solved by secure email gateways and email security solutions, which can filter email communications to prevent threats from reaching users, while web filtering solutions can prevent users from going. on dangerous sites.
Many Malaysians are now using their own devices to work from home, which – while arguably more convenient – presents a serious cybersecurity problem.
Personal devices are probably much less secure than work devices, as they often have less robust protection plans and / or access the internet through unprotected networks.
As employees are often the biggest security risk in a business, companies should mitigate the risk by providing cybersecurity training from IT experts, as well as ensuring that employees can identify threats and follow up. cybersecurity protocols to avoid being a vulnerability.
As a last line of defense, the importance of having a backup solution cannot be overstated.
With backups, Malaysian businesses can restore their data faster and are not entirely at the mercy of the attacker.
However, for backups to be effective, they must be performed and tested regularly.
Companies should also never put all of their eggs in one basket. They must have multiple backups – either offline, hosted in a different cloud service, or both.
Staying Ahead of the Ransomware Threat
A positive consequence of the fact that Malaysia is the target of cyber attacks is that it has created a national momentum to improve cybersecurity.
In 2020, the Malaysian government launched Malaysia’s Cyber ââSecurity Strategy 2020-2024 with an allocation of RM 1.8 billion to strengthen Malaysia’s preparedness to tackle cyber threats, helping to place the country in fifth place. out of 194 countries in the 2020 Global Cybersecurity Index.
This achievement was further reinforced in 2021 with the announcement by the government of its intention to create a specific cybersecurity law to strengthen cybersecurity and improve enforcement nationwide.
These advances are very encouraging, but there can be no complacency when it comes to digital defense.
Ransomware attacks are constantly evolving and increasingly sophisticated, so there will always be room to improve and expand.
To fully harness the potential of the national digital economy, Malaysian organizations need to stay abreast of digital developments, leverage third-party expertise, and maintain a robust security infrastructure to confidently pursue growth in the era. digital.
Iskandar Ahmat is Cloud4C County Manager, Malaysia, member of the PIKOM Cybersecurity chapter of Cloud4C. Comments: [email protected]