Recently, a group of hackers, code-named “grey hat”, broke into the civil servants’ ePaySlip system and extracted nearly two million payslips and tax forms in PDF format amounting to 188.75 gigabytes.
Commenting on the increasing frequency of these attacks, Vicky Ray, Principal, Unit 42 Threat Intelligence, JAPAC, Palo Alto Networks, said, “Data leakage has become a recurring issue, both globally and in Malaysia, caused by phishing, malware and ransomware attacks, or even unintentional sharing of sensitive data by users. Regardless of the cause, organisations need to step up their game to implement a data loss prevention system to plug vulnerabilities in their infrastructure.”
The Palo Alto Networks 2022 Unit 42 Ransomware Threat Report revealed that in 2021, cybercriminals increasingly turned to Dark Web “leak sites” to post the leaked data, in addition to demanding ransom from their victims. The research also found that last year, 2,566 organisations’ data were leaked on the dark web globally, an 85% increase over the previous year. The leak sites posted these organisations’ names and proof of compromise, similar to what happened in Malaysia.
Palo Alto Networks recommends the following measures companies can implement to minimise the possibility of data breaches:
- Conduct phishing prevention and recurring employee security training.
- Centralise security management efforts such as threat detection and security alerts.
- Control user activities by granting least privilege, i.e. limited access to specific applications and data within a given timeframe.
- Implement multi-factor authentication besides email, for the verification of third-party applications.
- Implement a Zero Trust approach (“Never trust, always verify”) to eliminate implicit trust and validate users’ activities continuously at every stage of digital interaction.
“Organisations must develop an effective security strategy to uphold the integrity of their data while it is at rest, in use, and in motion. By upgrading defences consistently to keep up with the evolving threats, IT teams can stay ahead of the attack curve and minimise the risks associated with such attacks,” said Vicky.