Last year, Malaysia suffered multiple cyber attacks, including personal data theft of 22.5 million from a national registry and payment gateway data breach. In the same year, hackers broke into a payslip system, extracting nearly two million payslips and tax forms, stealing up to 188.75 gigabytes of data. Recently, an insurance group has confirmed that two of its local subsidiaries have been affected by the MOVEit zero-day vulnerability exploit.
In Nov 2020, it was reported that a data breach had allegedly occurred involving the EC’s database, where the personal details of 800,000 voters were leaked. While not proven, the allegation and a string of other data breach issues have underlined the urgency to mitigate cyber risks as soon as possible before the state election starts.
The upcoming state election also presents a unique opportunity for cybercriminals to tailor their attack methods based on political campaigns, platforms, and candidates’ (as well as voters’) behaviors. There are mainly three types of attacks that may affect the period:
- Cyber hacktivism: Attacks focusing largely on persuasion or dissuasion to shift, stop, or silence a political group or message. Recently evolved to deepfake videos with the advancement of AI capabilities, commonly used to smear and shame candidates, disseminate unethical propaganda, and spread fake news.
- Traditional cyberattacks: Attacks are carried out to secure financial gain by leveraging stolen data. Most commonly seen as URL phishing and or SMS phishing, these require comprehensive endpoint protection and high security awareness
- Identity Theft: Commonly identified as alleging improper use of identity cards. With the available national identity leaked on the dark web, it is easier for unethical parties to purchase and misuse the identity to destroy the state election campaigns.
In ensuring a cyber-safe election period, there are a couple of solutions and recommendations that the government can implement to reduce cybersecurity risks. These include:
- Improve Response Times with Analytics and Automation
- New forms of threats can evolve in a matter of minutes. The system needs to have the agility and ability to keep up with the latest malware and exploits, and to also detect and automatically prevent the risks across networks, clouds, and endpoints, within as few as five minutes.
- Enforce Zero Trust Network Access (ZTNA) 2.0 for Networks Housing Critical Infrastructure
- Zero Trust is a framework whereby, by default, all users are denied network access. This means securing every part of the access route with powerful next-generation tools that detect and thwart attacks.
- Implementing ZTNA 2.0 allows election officials to limit the attack surface by isolating internal network segments that house election data, to have continuous trust verification and security inspection, as well as strict control on legitimate employees, applications, and traffic that can access the segment.
- Protect Critical Endpoints
- During the election period, extra protection must be added to numerous devices and operating systems, such as the tools storing voters’ data, as these are considered critical endpoints. A multi-method approach to block exploits, ransomware, malware, and other types of attacks also needs to be implemented.
In addition, prospective voters need to protect themselves against cyberattacks. Some steps that individuals can implement include:
- Think before clicking. Never click embedded links within an email, especially if the sender’s authenticity is questionable.
- Watch out for scare tactics. Phishers often employ scare tactics, threatening to disable an account or delay services until new or updated information is provided.
- Ignore unprofessional emails. Fraudulent emails are typically personalized and addressed directly to the individual; while real, authentic emails from political groups, financial organizations, or other similar businesses, will typically reference the specific details of a given transaction or account.
- Go directly to the source. Always be wary of emails or SMS requesting confidential information, particularly requests leveraging an embedded form or a link to an unknown site.
- Beef up security. Block these attempts from ever entering the network in the first place with an automated, prevention-first, platform approach to cybersecurity.
With the State Election just around the corner, cybersecurity has become more important than ever. Political parties, candidates, the government, and even prospective voters need to realize that cyber criminals are looking to gain from all sides, and that everyone is susceptible to cyberattacks. While there is still time before the elections fully begin, both individuals and organizations must start focusing on the security of their data. Robust cybersecurity measures need to be put in place, and cyber-safe practices need to be implemented as we gear up for a historical period in the country.
By Lim Suk Hua, Country Manager, Palo Alto Networks Malaysia
