Weaving a web of cyber experts
Malaysia will form a network to stop rising cybercrimes and fill the need for cyber professionals in future.
Malaysia will form a network to stop rising cybercrimes and fill the need for cyber professionals in future.
IT is the most profitable crime in Malaysia.
Cybercrimes – already a rising trend – are also expected to be more advanced, evolving with technology and exploiting our dependence on the Internet.
It has even overtaken drug trafficking as the most lucrative crime.
Globally, news reports say the total losses from cybercrimes have exceeded conventional “offline” crimes.
Here in Malaysia, it’s becoming a serious economic threat, with RM179.3mil lost in 2015, based on data from the Performance Management And Delivery Unit (Pemandu). Over 70% of commercial crime cases handled by the police were also cybercrimes.
And while online crimes become more common, there’s another problem – about 3.5 million cybersecurity jobs are projected to be unfilled by 2021 across nations.
As such, it is time for Malaysia to bulk up cyber defences.
A network of cyber experts – to hone talent and fight cyber crimes – is expected to be formed with CyberSecurity Malaysia (CSM) taking the reins.
The proposed “Malaysia Digital Forensics Science Network” will consist mainly of experts from CSM, universities, Malaysian Communications and Multimedia Commission and law enforcement agencies like the police.
This web of experts will also address the projected lack of cyber professionals, by roping in universities to encourage more students to join this field.
Malaysia needs to close this gap so that we will have enough capacity to handle future challenges, says CSM chief executive officer Datuk Dr Amirudin Abdul Wahab.
“These days, criminals don’t really need to rob a bank, storming in with guns. Today, they go online to steal money.
“The current landscape is such, whereby criminals are getting smarter and threats are becoming more complex,” he tells Sunday Star in an interview.
Dr Amirudin says forming the network will enable the digital forensic community to work together and produce more experts to address cybersecurity issues.
“We need to build expertise in digital forensics, especially in evidence gathering.
“In cases where laptops, computers or other devices are seized to establish proof, we need qualified professionals to find and determine evidence.
“That is where digital forensics come in. And for CSM, our digital forensics lab is the only agency in Asia-Pacific to be recognised by the American Society of Crime Laboratory Directors.
“This is the same body which has accredited the FBI (USA’s Federal Bureau of Investigation),” he adds.
And when proving a cybercrime in court, one of the challenges is establishing the technical parts of the offence, which further leads to the importance of building talents in cybersecurity.
The need is also propelled to avoid further economic losses because of cybercrimes.
A cybersecurity incident can cost large organisations in Malaysia an average of USD22.8mil (RM92.09mil) in total economic losses, based on a recent study by Microsoft and market research firm Frost & Sullivan.
For middle-sized organisations, that sum is an average of USD36,000 (RM145,408).
Crimes in the virtual world are very real, but as the study shows, less than 50% of companies conduct regular forensics or data breach assessments.
Instead, more than half (53%) of Malaysian organisations have either experienced a cybersecurity incident or aren’t even sure if they have any security issues as they haven’t performed such checks.
“This means that awareness on the importance of cybersecurity is still low,” Dr Amirudin concludes.
On the Government front, several critical agencies undergo annual cyber drills known X-Maya, to test their response in the event of a cyber attack.
In such drills, organised by the National Security Council and CSM since 2008, experts simulate cyber attacks to identify security gaps.
“This year, we are zooming into sectorial levels, covering the pri-
The current landscape is such, whereby criminals are getting smarter and threats are becoming more complex. CyberSecurity Malaysia CEO Datuk Dr Amirudin Abdul Wahab
vate sector too.
“We are conducting training for the banking and financial sector like investment companies this month to ensure their cyber protection is up to mark.
“In future, we hope to cover the water and energy sectors, telcos and the ICT industry,” says Dr Amirudin.
But everybody needs to do their part in strengthening cybersecurity.
One of the most important things you can do is this – report to the CSM if you encounter an incident.
“We want people to come forward if they encounter cybersecurity issues. This will help us take action in protecting our cyberspace,” urges Dr Amirudin.
He says many organisations fear their reputation will be marred and refuse to report to the authorities.
“But they should come to us. We will help them. It’s free.
“Don’t worry about confidentiality. Identities and sensitive information will be protected,” he adds.
Aside from being a responsive agency, the CSM hopes to take on a proactive approach.
“We want to work with Internet service providers to detect infections in the network and come up with solutions,” says Dr Amirudin.
Those who wish to report cybersecurity incidents can contact the CSM through its Cyber999 Help Centre at 1-300-88-2999 (office hours) or its 24-hour emergency hotline 019-2665850. For more information, log on to www.mycert. org.my