Bringing down the cyber baddies
The government is looking into giving CyberSecurity Malaysia more power to defend the nation’s cyberspace, including actively taking down threats when they are detected.
The government is looking into giving CyberS ecurity Malaysia more power to defend the nation’s cyberspace, including actively taking down threats when they are detected.
THEY are the nameless heroes that help solve crimes in the virtual world.
And they have been roped in for high profile cases, such as re-creating a flight simulator in the probe to locate the missing MH370 plane.
More recently, they used their own facial recognition technology that led to the arrest of the suspects for the cold-hearted killing of a pregnant cat at a launderette.
But this team of cyberforensic experts from CyberSecurity Malaysia (CSM) wants to do more.
At a time when cyberthreats are growing, the CSM wants to have more authority in taking pro-active action, which includes “cyber takedowns” of the bad guys when their criminal activities are detected.
By collecting details and accessing a visbility map, the team is able to detect parties who are running malicious codes.
But instead of waiting for incidents to be reported, the team can actively identify the cybercriminals and bring down their server before they can strike more users.
Current laws and legal framework do not empower the agency to take these actions yet.
However, this will soon change, as Communications and Multimedia Minister Gobind Singh Deo agrees there is a need to consider giving CSM greater powers.
“This is so that they can act quickly and prevent extensive damage when a problem occurs.
“This may involve amending existing laws and regulations such as the Communications and Multimedia Act, Penal Code, Criminal Procedure Code and Evidence Act,” he tells Sunday Star.
He adds that he plans to present a paper in Cabinet about the move in the second quarter of next year.
Recently, Gobind says he has been engaging with the police and they have recognised the need to work together to build a stronger ecosystem to combat cybercrime.
“Cybercrimes are more complex than usual investigations because a certain level of technicalities is usually involved.
“Hence, necessary expertise is needed in dealing with it,” he adds. He says CSM is an agency which has the ability to defend and protect users from cyberthreats, especially in the Fourth Industrial Revolution (4IR).
While they have labs to assist in solving breaches, Gobind says the CSM should be given more to enable them to expand on research and build skilled teams to probe and prevent cases.
As the government is well aware of the serious risks posed by cyber threats, he assures that they are committed towards building a safe environment for everyone online.
“This is in keeping with our push for more people to use technology to expand their businesses and take full advantage of the benefits offered in a digitalised world,” he highlights.
CSM chief executive officer Datuk Dr Amirudin Abdul Wahab says there is a need to create a stronger cyberarmy to defend the country’s cyberspace.
“We want to expand our intelligence team too, but this depends on government funding and support.
“We hope that laws can be amended to allow our team to carry out pro-active measures,” he says.
Already, the CSM has the capabili- ty for active defence.
“We can see them on our radar but we need the mandate to act against them,” Dr Amirudin says.
By empowering the team, he is confident the number of cybercrimes can be lowered, while public and investor confidence can be increased in Malaysia.
The need to bulk up cyber defences is also in line with the advent of the 4IR, in which technology is embedded in our lives and society.
“Cybercriminals are also getting smarter, sharpening their expertise each day,” says Cybersecurity Malaysia’s responsive services division senior vice-president Dr Aswami Fadillah Mohd Ariffin.
“Some can be two to three steps ahead of us. This is why we have to safeguard our country,” he adds.
He says CSM hopes to launch a new service to uncover future threats, called CyberFox or “cyber forensic operations X” by next year.
“Passive defence includes setting up firewalls to prevent threats.
“But we hope to embark on more active defences such as by checking logs and connections to spot hackers who may be hiding behind Internet traffic,” he adds.
Pro-active measures can also include approaching infected
organisations to prevent further cybercrimes from spreading.
Dr Aswami says the team has access to a “heat map” where they can spot infections from cybercriminals.
An increasing trend are advanced persistent threats (APTs) whereby a hacker gains access to a system and goes undetected to steal confidential data or spy on the organisation.
The cybercriminals can do this through spear phishing, a targeted attack to gain sensitive information by duping the victim to click on an attachment which looks like it came from a trusted source.
“Such APTs can be targeted at high ranking officials like company CEOs and can be used for corporate espionage.
“Spear phishing can be very effective in compromising the systems of organisations,” he says, adding that sometimes, such crimes hit financial organisations like banks.
But without proper action, crimes like these are swept under the carpet as some organisations refuse to report the case.
With active defences, the CSM will be able to pro-actively address such crimes.
Other examples of APTs are intrusions into the health sector, whereby if such hackers can gain access to medical records, they can sell such information to insurance companies.
Highlighting the importance of digital forensics, Dr Aswami says obtaining evidence is crucial for the prosecution to prove cybercrimes and bring the culprit to justice.
Under the Criminal Procedure Code, all reports and testimonials from CSM’s analysts are acceptable by the Malaysian courts in cybersecurity cases.
“Sometimes, the CSM provides training to judges and prosecutors in handling cybersecurity cases.
“In court, we try to advise the Deputy Public Prosecutor in the technicalities,” he says.