PHOTO - Trend Micro Malaysia principal consultant, technology, Victor Lo.
Following the recent cyber attacks - called Operation Malaysia - in mid-June on 198 Malaysian websites by hacker group 'Anonymous' as well as local groups, security firm Trend Micro Malaysia advises that collaboration is a must to prepare for future attacks.
"The attacked sites, which included 51 government websites, suffered a major distributed denial of service (DDoS) attack causing disruption at various levels," said Trend Micro Malaysia principal consultant, technology, Victor Lo, speaking in Kuala Lumpur on June 25. "DDoS happens when a website receives too many queries or hits and becomes inaccessible or difficult to access. Most DDoS attacks are deliberate and deep which results in massive impacts because of the effect on the company's credibility. These attacks are usually done to make a bold statement."
Lo said such threats can be avoided or reduced and correct preparation should include planning for rapid response to attacks and faster recovery time for websites. "The government must seriously consider cyber security as a mandatory part of their national defence plan, and ensure that the following measures are put in place. Cyber security planning and implementation are no longer optional activities, they must be made an essential part of the organisation's business continuity strategy."
"Large enterprises, internet service providers (ISPs) and countries must work together to conduct anti-botnet and early detection of botnet activities," said Lo. "Entities cannot protect themselves on their own. Just as cyber criminal activities span global boundaries and usually do not work in isolation, we must work in partnership with other organisations around the region to share information, improve our defences and coordinate our responses."
"Entities must work together to improve sensors and strategise along with working with large IT security organisations to provide the level of expertise required to design, execute and maintain such plans that will minimise the risks on future cyber attacks," he said. "Anti-virus software alone does not equal to total security. The volume and sophistication of threats on the Internet today make it imperative that a holistic solution that emphasises multi-layered, real-time protection is used to ensure online safety."
He added that in its Threat Prediction outlook report for 2011, Trend Micro forecasted that cyber criminals would be focusing on exploiting social engineering by way of 'malware campaigns'. "It was predicted that cyber criminals would increasingly bombard recipients with e-mail and promote malware through cleverly designed e-mails that would convince users to click on a link that will ultimately lead to a malicious downloader. All this would largely have been possible because of the Internet. Already, Trend Micro threat researchers have found that more than 80 percent of the top malware use the Web to arrive on users' systems."
Sign up for CIO Asia eNewsletters.