Introduction
As the festive season holiday approaches and many of us will be leaving for holiday break, NACSA would like to remind System Administrators and Internet users to implement sufficient security measures had been implemented to ensure that systems and networks are secure before leaving for the long holidays.
Impact
Information leakage, information loss, service disruption and integrity of information compromised.
Impacted Platforms
All operating systems, web servers and online services.
Brief Description
We have observed incidents continue to increase throughout the first and second quarter of 2018 with majority of incidents reported are related to fraud, intrusion and cyber harassment. There had been several incidents reported since early this year such as Fake Bank Negara Malicious APK, Distributed Denial of Service attacks using Memcached, Symantec Certificate Issue and CPU Hardware Side-Channel Attacks Vulnerability known as Meltdown and Spectre.
We highly recommend System Administrators and Internet users to take the necessary steps to prevent security incidents from occurring and to take mitigation strategies to minimize the impacts or risks to a certain extent. System Administrators should take extra precautions against any possibilities of intrusions, phishing attacks, and malware activities such as ransomware during the festive season, by implementing proper preventive measures against the threats by applying the latest patches or upgrades of operating systems, applications and software to prevent intrusions that may be exploiting unpatched applications.
Customers must be advised adequately on avoiding themselves becoming victims of phishing and fraudulent activities by applying safe browsing, safe email practice and safe Internet banking practice. Organizations must ensure contact information of System Administrators is made available in the event of a security incident that occurs at or originate from your site.
Recommendation
Organisations and individuals are advised to take the following actions:
Source : National Cyber Coordination and Command Centre (NC4) Official Website