As the Christmas and New Year holidays approaches and many of us will be leaving for holiday break, NACSA would like to remind System Administrators and Internet users to take the necessary security measures to secure your systems and network and ensure that they are implemented prior leaving for the long holidays.
Information leakage, information loss, service disruption and integrity of information compromised.
All operating systems, web servers and online services.
We have observed incidents continue to increase throughout the third and fourth quarter of 2018 with majority of incidents reported are related to ransomware, intrusion and malware infections. There had been several incidents reported since early this year such as VPNFilter Router Malware, data breaches on several organization and recently reactivated callback to Command & Control server related to APT32 group known as Ocean Lotus.
We highly recommend System Administrators and Internet users to take the necessary steps to prevent security incidents from occurring and to take mitigation strategies to minimise the impacts or risks to a certain extent. System Administrators should take extra precautions against any possibilities of intrusions, phishing attacks, and malware activities such as ransomware during the holidays, by implementing proper preventive measures against the threats by using combination of blacklisting and whitelisting method and applying the latest patches or upgrades of operating systems, applications and software to prevent intrusions that may be exploiting unpatched applications. Organisations are also urged to perform a rigorous and proper security testing of any new updates prior to deployment.
Customers must be advised adequately on avoiding themselves becoming victims of phishing and fraudulent activities by applying safe browsing, safe email practice and safe Internet banking practice. Organisations must ensure that contact information of System Administrators is made available in the event of a security incident that occurs at or originate from your site.
Organisations and individuals are advised to take the following actions:
Source : National Cyber Coordination and Command Centre (NC4)