Photo - PIKOM Chairman Chin Chee Seong
According to Malaysia's National ICT Association (PIKOM), it has not received a single WannaCry report or alert from any of its 1,000+ member companies, nor have any of their clients reported a ransom demand.
This, despite media reports of global hits in recent weeks including a national alert from CyberSecurity Malaysia on 13 May 2017. [A Computerworld Malaysia interview with former hacker turned security services consultant revealed a small number of infected computers. See - WannaCry attacks: Former Malaysian hacker predicted healthcare target ]
PIKOM chairman Chin Chee Seong said PIKOM is remaining vigilant and is advising all members to take all precautions.
However, he confirmed: "To date, PIKOM has neither received any reports/alerts from our 1,000 plus members that they have been hit by WannaCry Ransomware, nor have any members reported that their clients have been issued a ransom."
Chin when to explain: "This is expected in cases like this as many would rather keep a low profile and hope the issue blows over. However, these issues cannot be swept under the carpet. Organisations must take necessary steps to prevent and thwart cyber attacks."
An official PIKOM advisory mirrored many of the precautions advised by CyberSAFE (a CyberSecurity Malaysia division. [For more security guidelines, see - Global ransomware attacks prompt national 'WannaCry' alert from CyberSecurity Malaysia )
PIKOM's advisory included the following: 'Firstly, ensure that your assets are protected. Having the right tools to guard against attacks and intrusions are vital. Second, ensure that your staff are equipped with the necessary skills and knowledge to deal with cyber attacks.'
"Chief Information Officers (CIOs) and Heads of IT Departments play an integral part in protecting their organisations against cyber attacks. Their roles must be recognised by any organisation in this digital age," said Chin.
He added: "Companies must take a serious view on cyber attacks and should not compromise when they decide to engage knowledgeable CIO or IT security experts to prevent these attacks which come in many forms and mutations."
'Don't wait and see'
"A company should plan a good cyber security defence, which will involve a proper business risk assessment; installation of appropriate IT security policy and procedures; deploying the right security technologies; ensuring compliance, constantly monitoring the environment, educating the employees, alerting and responding to security incidents quickly; and conducting forensic and root cause investigation," he said.
"Malaysian companies cannot take a 'wait and see' attitude anymore," Chin said. "We are encouraged by the efforts of the Malaysia Computer Emergency Response Team under the national agency CyberSecurity Malaysia in providing up to date alerts, advisories and assistance to affected organisations and individual users to address this grave situation."
The latest advisory on the WannaCry Ransomware can be found in the following link
The latest edition of this article lives at Computerworld Malaysia.
Sign up for CIO Asia eNewsletters.