Looming Cyber Threats Highlight The Need To Secure Malaysia’s Critical Infrastructure

The security of Malaysia’s critical infrastructure is at the edge of a precipice. A report by the Malaysia Computer Emergency Response Team (MyCERT) found that incidents like spam, intrusion attempts, and content-related attacks were on the rise during the third quarter of 2022.

This upward trend places more pressure on security personnel and network administrators to protect critical national information infrastructure (CNII) to maintain data confidentiality and service availability.

To achieve this, organisations need to focus their efforts on securing key assets, including supervisory control and data acquisition (SCADA) systems, industrial control systems (ICS), and operational technology (OT).

Overview of Malaysia’s critical infrastructure security

According to the National Cyber Security Agency (NACSA), CNII is defined as information assets, processes, facilities, and services that are essential to the country. These systems impact national defence, economic stability, governmental functions and social routines. Sectors that are considered part of CNII include energy, transportation, and healthcare, among many others.

In this age of digital transformation, the need to boost operational efficiency and tailor services to clients’ needs has led CNII operators to converge OT machines with information technology (IT) systems.

Despite the benefits, this setup has also widened their attack surfaces, which, if not handled effectively, can lead to severe disruptions of daily routines and a loss of trust from the community.

While the Malaysian government has already put in place guidelines to help operators secure their systems, such as the National Cyber Security Policy (NCSP), our own survey shows that more must be done to strengthen their protection.

One of the shortcomings we have observed in Malaysia’s OT security is the lack of centralised visibility that is prevalent among 88 percent of companies. This is concerning as 82 percent of organisations were reported to have more than 100 IP-enabled OT devices connected to their network.

Without the ability to account for these devices, organisations will be faced with frequent attacks brought on by the numerous security gaps which attackers can exploit.

Another issue they face is the inconsistency of OT security ownership. Only 24 percent of companies agreed that the role should fall to the chief information security officer (CISO). Meanwhile, other organisations had cited positions like network engineering directors, chief technical officers (CTOs), and security architects as the ones in charge.

However, enforcing OT security shouldn’t just fall on security leaders and experts, but also on the employees themselves. This can be done through simple measures like not saving credentials in easily accessible plaintext format and installing patches and security updates.

During that time, 100 percent of surveyed companies said that they experienced at least one intrusion, with the top three being phishing (53 percent), malware (51 percent), and human error (51 percent).

Simultaneously, 76 percent of organisations expressed concern about malware being more dangerous than other types of intrusion due to its efficacy.

When asked about downtime and operational stoppages, 92 percent answered that it took hours or more, and 10 percent said it took months. In a highly competitive landscape where speed prevails, this is unacceptable and can push customers to seek faster alternatives elsewhere.

Modern safeguards for a converged IT-OT landscape

To prevent IT and OT systems from being targeted, critical infrastructure operators need to base their security strategy on three key aspects, which are visibility, segmentation, and secured access.

The first step is to create an inventory of all programmable logic controllers (PLCs) and IT assets through a cyberthreat assessment solution. Once critical operators have a sense of what their infrastructure looks like, they can then segment networks to prevent cyberattackers from conducting lateral movements. The remaining security gaps should be plugged by integrating firewalls designed to secure every access point and hide OT traffic from prying eyes.

Modern security solutions allow operators to meet these aspects and cover all bases, so they can focus on delivering critical services. For instance, zero-trust controls block access to vital resources until users can verify their identities.

Besides that, network access controls (NAC) give security teams the ability to oversee, control, and automate responses to connected devices within the network. Most of all, a cybersecurity mesh architecture is essential to facilitate seamless communication between controls, creating faster and more accurate responses while making cyberattacks a difficult endeavour.

Considering the important role critical infrastructure plays in supporting businesses and citizens’ routines, a strong cybersecurity posture is needed to maintain operational consistency.

This requires a shift from traditional siloed security programs to a unified solution that can bring controls together to respond to current and future threats. Those who can achieve this will be able to serve their communities flawlessly and garner public approval.

By Fortinet Country Manager Dickson Woo
