H1 2013: Cyber security scene in Malaysia
ComputerWorld Malaysia (3 Sept 2013)

 According to national agency CyberSecurity Malaysia, the increase of reported 5,592 cyber security incidents in the first of half 2013 is in tandem with the enhanced use of ICT as a key economic driver towards developed nation status by 2020.

CyberSecurity Malaysia chief executive officer Dr. Amirudin Abdul Wahab said that from January to June 2013, a total of 5,592 cyber security incidents were reported to Cyber999 compared to 5,581 incidents reported in first half of 2012.

The number of incidents in first half of 2013 recorded a very small increase compared to first half 2012 with an increase of only 0.2 percent, said Dr Amirudin. "Fraud is the most-reported incidents followed by intrusion, spam, malicious codes, cyber harassment, content related, intrusion attempts, Denial of Service [DoS] and vulnerability reports."

"Analysing the data of reported cyber security incidents in the first half of 2013 and comparing them with the data for the same period in 2011 and 2012, we found a similar pattern where fraud, intrusion and malicious codes are always in the top three of most-reported cyber security incidents in the country," he said.

Within the first six months period of 2013, the following categories of cyber security incidents have increased: Content Related (320 percent), Spam (111 percent), Cyber Harassment (35 percent), Malicious Codes (25 percent) and Fraud (2 percent); whereas the following categories have decreased: Intrusion (-22 percent), Intrusion Attempts (-56 [percent), Denial of Service (-17 percent), and Vulnerability Reports (-76 percent).

Cyber security incidents are reported to Cyber999 Help Centre on a voluntary basis by the public as well as organisations within Malaysia. There are also incidents reported from outside the country such as foreign CERTs and security teams.

People: the weakest link

"These are the reported incidents and not yet considered as cyber crime cases. The incidents came from the public who wish to seek our technical assistance in resolving cyber security issues that they encountered while using the Internet," said Dr Amirudin.

"We found that incidents involving technical aspects like Intrusion (mostly involving web defacement), intrusion attempts (such as attempts to hack networks) and vulnerability reports have decreased slightly," he said. "On the contrary, attacks that rely on 'human weaknesses' - such as fraud, spams, cyber harassment and content-related incidents - have increased significantly."

"This confirms that cyber criminals are targeting 'people' instead of 'machines', because people are the weakest link in cyber security," he said. "Furthermore, advanced technical measures such as three-tier security verifications are making it more difficult to penetrate machines and networks. Therefore, we advise the public to be wary of 'social engineering', a tactic used by criminals to befriend their victims before deceiving them."

Dr Amirudin urged Internet users to be ethical, to respect other religions, race and not to incite negative emotions.

CyberSecurity Malaysia's 2013 edition of its Cyber Security Malaysia Awards, Conference & Exhibition includes the theme of security as an economic driver and one of its aims is to top the RM11 million (US$3.520 million) worth of deals made in last year's event during business matching activities.