Dear valued customer,
For the upcoming Hari Raya Aidilfitri holidays, we would like to draw your attention to the cybersecurity risks below, in alignment with the National Cyber Coordination and Command Centre (NC4) advisory on strengthening cybersecurity (https://www.nc4.gov.my/alert/67e50e199008f3291327ff83).
During festive periods, organisations may face increased cyber threats due to heightened online activity, reduced monitoring, and adversaries taking advantage of the holiday spirit. These risks may materialise in diverse ways and can lead to financial losses and reputational damage for organisations, including but not limited to:
- Data breaches;
- Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks;
- Malware/ransomware attacks and propagation;
- Malware deployment;
- Phishing or spear-phishing;
- System intrusion and data/information exfiltration;
- Unsecured remote access;
- Web intrusion and defacement;
- Advanced Persistent Threats (APT);
- Cloud & SaaS exploitation.
Moreover, threat actors might initiate attacks by leveraging leaked credentials to unlawfully access sensitive information or systems. Consequently, organisations are strongly advised to implement supplementary measures, including:
1. Identify and record all external portals and IP addresses used, including those for device management and SaaS applications.
2. Implement security protection, patching, and/or hardening.
3. Implement best practices for password controls, including configuring Multi-Factor Authentication (MFA).
4. Implement credential leak monitoring covering all organizational domains, IP addresses used for device management, and SaaS applications.
5. Implement processes to ensure leaked credentials are being reset and potential leak sources are mitigated.
6. Enable audit logging and review audit logs regularly.
7. Conduct regular reviews of user access and compliance with organizational security standards.
8. Implement continuous monitoring and periodic updates of the BYOD policy.
9. Ensure that network data is regularly backed up and stored securely, both onsite and offsite. Implement redundancy measures for critical network components to minimise the impact of any disruptions or failures.
10. Regularly audit cloud configurations to identify misconfigurations.
11. Continuously update incident response plans (IRP) based on new APT techniques.
Additionally, organisations are reminded to actively monitor their internal networks for any unauthorised scans or suspicious activity, including unusual behaviour indicative of Active Directory (AD) reconnaissance or attack path mapping, as such activities may indicate the early stages of an attack.