Users’ data is a ‘golden goose’ for scammers; digital security critical

Some 7,495 cases of cyber threats ranging from financial frauds, intrusion, malicious codes and cyber harassment are reported till August this year


DATA, especially personal data, has become a valuable commodity that can be easily monetised by cyber criminals as the increasing number of cyber threat cases recorded in Malaysia shows.

CyberSecurity Malaysia recorded some 7,495 cases of cyber threats in Malaysia till August this year ranging from financial frauds, intrusion, malicious codes and cyber harassment.

“Data can be easily monetised by cyber criminals — either by holding the individuals they relate to for ransom, identity theft or other profiteering such as insider trading.

“The frequency of such incidents is becoming commonplace, and is likely to continue provided there are assets that are of value to the perpetrators,” Deloitte Malaysia cyber risk leader Ho Siew Kei told The Malaysian Reserve (TMR).

For the period from January to June 2021 alone, Cyber999 received a total of 5,737 cyber incident reports.

Cyber999 is a cyber security incident response centre operated by the Malaysia Computer Emergency Response Team to report incidents of cyberbullying that threaten the safety or privacy of Internet users.

Ho added that threats have increased at an alarming rate especially as the Covid-19 pandemic forced people to be confined to home to work which was advantageous for scammers, hackers and ransomwares.

Typically, ransomwares and hackers hold valuable data of an individual or company hostage until demanded money is paid to resolve the threat.

“The Covid-19 pandemic has forced organisations to immediately implement work-from-home policies and mechanisms for their staff.

“However, the rush to set up remote work programmes had left security gaps that cybercriminals are aggressively exploiting. Companies will continue to face threats in 2021, facilitated by widespread teleworking,” said CyberSecurity Malaysia CEO Datuk Dr Amirudin Abdul Wahab in CyberSecurity Malaysia’s annual report.

He added that the new remote working model in reaction to the Covid-19 pandemic has surfaced a new stream of threats in the cybersecurity arena.

Increasing Digital Transactions is Hotbed for Cybercriminals

Users are particularly vulnerable to financial frauds as they have become more heavily reliant on digital capabilities to perform financial transactions.

This exponential increase in financial transactions during the pandemic is a “golden goose” moment for scammers and hackers sitting on a plethora of users’ data.

According to Bank Negara Malaysia, in June 2020, electronic money (e-money) liabilities has grown from RM500 million to RM1.6 billion in the past five years due to the increase in mobile financial services of QR codes and mobile applications.

E-wallet transactions alone increased to RM600 million in 2020 compared to RM300 million in 2019.

Higher volume of online transactions inadvertently compromised users’ valuable data that is usually kept secured with passwords and other authentication tools.

But as cybercriminals are becoming increasingly skilled at hacking, breaching account securities online has become sophisticated and too unchallenging.

According to police statistics in the first quarter of this year, the number of cases reported were 4,327 and losses amounted to RM77 million.

According to Trend Micro Malaysia & Nascent Countries MD Goh Chee Hoh, the onset of digital banking has resulted in more enterprises looking to integrate their platforms and share financial data with third parties to better understand customer behaviour.

This means data fluidity will be a defining factor in digital banking and banks will have to put identity protection at the forefront, not just focusing on data privacy.

“As consumers become increasingly reliant on the convenience of online and mobile payments and cyber threats become more sophisticated, the challenges fintech players face in securing their infrastructures are only going to grow more complex. Understanding the risks and potential vulnerabilities, along with how attackers will try to exploit them, is the cornerstone of maintaining a strong cybersecurity posture,” he said.

While Deloitte’s Ho said it is important that application developers subject their applications to robust security testing.

“Users and companies generally need to observe “cyber hygiene” — a general term that means the basics of cybersecurity are done right. Additionally, companies need to deploy layers of defence encompassing preventive, detective and reactive capabilities supported by strong governance,” he told TMR.

Cyber-Attacks to be Offer as ‘As-A-Service’ in the Future by Hackers

In the future the ransomware landscape will become both more modular and more uniform, with “specialists” offering different elements of an attack “as-a-service” and providing playbooks with tools and techniques that enable different adversary groups to implement very similar attacks, predicts Sophos Group plc — a British security software and hardware company.

In a press release shared to TMR on Nov 10, the cybersecurity company said attacks by single ransomware groups have given way to more “ransomware-as-a-service” (RaaS) offerings during 2021, with specialist ransomware developers focused on hiring out malicious code and infrastructure to third-party affiliates.

Chester Wisniewski, principal research scientist at Sophos, said while RaaS offerings are not new, in previous years their main contribution was to bring ransomware within the reach of lower-skilled or less well-funded attackers.

This has changed and, in 2021, RaaS developers are investing their time and energy in creating sophisticated code and determining how best to extract the largest payments from victims, insurance companies and negotiators.

“They’re now offloading to others the tasks of finding victims, installing and executing the malware, and laundering the pilfered cryptocurrencies,” said Chester.

He added that cryptocurrency will continue to fuel cybercrimes such as ransomware and malicious crypto mining and Sophos expects the trend will continue until global cryptocurrencies are better regulated.

“In 2021, Sophos researchers uncovered crypto miners such as Lemon Duck and the less common, MrbMiner, taking advantage of the access provided by newly reported vulnerabilities and targets already breached by ransomware operators to install cryptominers on computers and servers,” said Chester.

Poor Online Password Management

Suffice to say, it is no longer enough for organisations and individuals to assume they’re safe by simply monitoring security tools and ensuring they are detecting malicious code.

Online habit of managing password and authentication is critical in ensuring online safety, Google Malaysia said in a recent study.

However, 80% of respondents in Malaysia use the same passwords for multiple sites, with two in five (45%) admitting to recycling passwords for up to 10 unique sites.

Among these recyclers, 40% said they do so in fear of forgetting new passwords, while 41% said it is simply convenient to use the same ones, Google Malaysia noted.

Based on the study, 51% of local respondents also disclosed they are using guessable passwords such as significant dates, significant others names, pet names and even postal codes.

“Worse still, one in four (25%) admit to saving their passwords in the ‘Notes’ app of their mobile phones, most of which are not encrypted by default,” the study found.

Google emphasised the respondent willingness to be more digitally responsible.

Google Malaysia industry head (CPG and retail) Chuah Jia Wen said Internet users in Malaysia desire to get better at managing their digital health but the challenge lies in the gap between knowledge and action and the key to plugging the gap is via access to tools that can adequately equip people with both security and convenience.

“That’s why we focus on providing easy to use tools to help people take charge of their online safety and strongly encourage everyone to take full advantage of them especially in this year-end season, where the need to safeguard against holiday hacking is more crucial than ever before,” she said.