Cybersecurity experts: Mechanism still a reactive solution
While a “kill switch” is a good mechanism to protect the people from online fraud, it is still a reactive solution, say cybersecurity experts.
They said the government should realise that having a kill switch in itself does not help prevent or weed out online scams.
Prof Dr Mohamed Ridza Wahiddin said kill switches have a wide range of applications and uses that vary based on their medium and objective, such as software-based kill switch, cybersecurity kill switch, and network or server kill switch.
“The initiative is in the right direction. Having the kill switch is a reactive solution to compliment other existing solutions,” he told The Star yesterday.
The founder and patron of
International Islamic University Malaysia’s Centre of Excellence for Cybersecurity noted that the kill switch can be used in various platforms and domains.
“Interestingly, it can even be used by the cyber criminals to wipe out their digital footprints to destroy evidence,” Mohamed Ridza said, adding that a kill switch is not merely a defensive tool, as cybercriminals can also use it as part of a cyberattack.
Even when used by a cybercriminal, a kill switch can still act as a safety mechanism.
“For instance, if malware creators build a kill switch into a virus, they can program it to trigger an immediate response to specific situations, such as wiping out their digital footprints to destroy evidence or tracking,” he said.
Mohamed Ridza said the system administrator must be well versed with the limitations, advantages and disadvantages of the kill switch for the intended purpose.
“It is not a one-size-fits-all tool,” he added.
Cyber security specialist Fong Choong Fook also agreed that a kill switch is a “reactive move”.
“The kill switch only works when you realise you might be involved in a scam,” he said.
“While it is not something new, many banks have implemented a kill switch mechanism in their apps,” said Fong, who has been in the industry for two decades.
“Preventive measures are still critical in not letting people fall prey to scams.
“We should educate the public, because prevention is better than cure,” Fong said, while urging the government to spend more resources on building a solid security framework, including having a comprehensive Cybersecurity Bill.
“The measures should include having stricter laws and punishments for scam operators,” he said.
In Dewan Rakyat yesterday, Minister in the Prime Minister’s Department (Law and Institutional Reforms) Datuk Seri Azalina Othman Said announced that a new law is being drafted to have a “kill switch” mechanism in place to halt scam-related transactions on any domain or platforms in Malaysia as existing laws are outdated to deal with this form of crime.