MyCERT: Spam still the No 1 bother
27th July 2004 (The Star)
By ZAM KARIM

KUALA LUMPUR: Spam or unsolicited bulk e-mail remained the most frequent kind of security incident reported to MyCERT (the Malaysian Computer Emergency Response Team).

A total of 3,928 spamming incidents were reported to the agency in the second quarter of this year, representing a 74.8% increase over the previous quarter, MyCERT said in its latest quarterly summary report.

MyCERT (www.mycert.org.my) is a unit of the National ICT Security and Emergency Response Team (Niser).

It is almost impossible to completely eradicate spamming -- however, it can be minimised by following tips and guidelines, said Niser director Lt Col Husin Jazri.

Unfortunately, some of these guidelines may be too complex for the public to understand, he said.

Thus MyCERT is holding a one-day technical forum tomorrow, where key industry players will present simplified and easy-to -understand best practice guidelines on spam.

New guidelines are expected to be available to the public within three months, Husin told reporters last week at the first MyCERT Special Interest Group (MyCERT-SIG) "Knowledge Sharing Session" held at Mimos Bhd's headquarters in Bukit Jalil here.

A total of 4,095 incident reports were received in the second quarter, a 56.5% increase over the first quarter which saw the unleashing of many variants of three dangerous mass-mailing worms: W32.Mydoom, W32.Beagle and W32.Netsky.

About 80% of reports received on worm incidents for January involved W32.MyDoom alone.

Towards the end of the first quarter, such attacks seemed to have come under control. This could have been due to more organisations and individual users taking preventive measures, such as installing antivirus filters at e-mail gateways and in PCs, MyCERT said.

The second quarter also had its share of worms: W32.Sasser, W32.Bobax and W32.Korgo, as well as their variants.

MyCERT has introduced new services to make it easier for the public to address network security issues, as well as to report any breakouts.

Its Free Security Scanning service was launched to identify any vulnerabilities in an organisation's system or network, and to apply the proper countermeasures.

Its Free SMS Alert service aims to equip local Internet users with up-to-date information on the latest vulnerability, worm, virus or security patch -- anytime and anywhere via short message service (SMS).

An SMS Reporting service also allows users and organisations to report security incidents quickly to (019) 281-3801.

Incidents can also be reported via pager, fax, e-mail, secure messaging or telephone.

First SIG session

MyCERT-SIG was formed in response to a call made by Deputy Prime Minister Datuk Seri Najib Tun Razak for the creation of a platform for members of the IT security fraternity to share their expertise, skills and technologies to make cyberspace safe for everybody.

It aims to provide a formidable and credible platform for incident-response and handling communities to identify, recover and mitigate the continuous threats on cyberspace, said Husin.

"Nobody can do it alone when working on solutions to such problems," he said. "You need to get second opinions and reinforcements."

Beside, hackers and virus-writers also collaborated when launching their threats and attacks. "So why shouldn't we do the same?" he said.

Since its formation earlier this month, over 200 members have registered with MyCERT-SIG.

The first MyCERT-SIG Knowledge Sharing Session last week, focusing on ICT security issues, was attended by more than 100 members.

Participants comprised engineers, information system managers, network researchers, educationists, programmers, associate professors and others.

The agency plans to hold a MyCERT-SIG Knowledge Sharing Session every quarter, he said.