Highlights: Mimos' assurance on security of servers
By Aimie Pardas
8th May 2001 (Computimes)

CYBER attacks on Web sites are not uncommon, but there were concerns among industry players and observers when word got out that a system at Mimos Berhad had recently been a victim.

This is because Mimos is the country's leading Internet access provider and the current home to the National ICT and Security Emergency Response Centre (Niser).

Mimos, when contacted, confirmed that a hacking incident did take place in its office premises but maintained that the security of its computers and servers remained intact.

Its chief operating officer and senior vice president (research and development) Dr Mohamed Awang-Lah said the incident on April 23 involved a personal computer (PC) which did not contain any sensitive information.

Citing the situation as not alarming, he said the incident occurred in an office environment where security was not that critical. "We, nevertheless, managed to watch, document and trace the attack," he told Computimes last week.

Mohamed said Mimos believed that the attack had originated in the United States but was launched through some 10 compromised machines located in various countries. These included Malaysia (but not within Mimos), Indonesia, the United States and New Zealand.

According to him, in compliance with its normal process to document hacking activities, Mimos had reported the incident to the relevant authorities.

Meanwhile, Niser had classified the attack on Mimos as an intrusion incident.

A spokesperson said the centre had also received several reports of similar incidents from other parties in Malaysia.

MyCert statistics at the Niser Web site show that as of March, intrusion tops the list of security breaches with 49 reports so far this year. This is followed by hack threat (34 incidents), spam (16 incidents), virus (13 incidents), harassment (five incidents), denial of service (three incidents) and mailbombs (two incidents).

According to Niser, in most intrusion cases, the intruders could upload files, deface a Web page or cause more damage once they gained access to the PC.

These intruders don't usually attack directly from their PC but are likely to go through several hubs in different countries in an attempt to avoid detection, said the spokesperson.

He explained that intrusion is more likely to happen if system administrators do not update their operating systems (OSes) or put in place the most recent patches to fix some of the bugs.

He advised system administrators to keep updating their OSes and download new patches as quickly as possible.

Administrators should also enforce defence in depth, which includes not only a firewall but also other defences such as intrusion detection systems.

To reduce the chances of an intrusion attack, companies can also hire knowledgeable administrators who can tell when a system is broken into by reading and interpreting the log.

Home owners are also advised to update OS software, download patches and free firewalls to beef up security, he added.