More information security experts needed

KUALA LUMPUR: Although Internet banking cybercrimes are still at a manageable level, the country still needs to produce more information security experts, according to CyberSecurity Malaysia.

“I do not want to claim we have a lack of experts or that our experts are enough to solve problems but we need to collaborate to produce more experts,” said its chief executive officer Lt Col (Rtd) Husin Jazri.

He said with the number of Internet users rising and the trend moving into advanced levels, such as mobile banking, the country needs to be prepared in all areas, particularly with information security experts.

Currently, Malaysia has about 16 million Internet users, he told reporters after delivering the opening speech at the CyberSecurity RSA Seminar 2010 here.

On online banking, Husin said it was the users rather than financial institutions that were most affected by cybercrimes.

“I am not worried about the banks. They have a lot of money to secure their systems. They can have the world’s best consultants to look into their security systems,” he said.

“It’s the human part that gets affected, not the technological part. The users become the victims. When the users communicate with the banks, they are exposed to social engineering, online scams and other threats.”

According to Husin, online users should be aware that banks never do online maintenance as far as Internet banking is concerned for their customers.

“We need to educate users on this fact which can contribute towards curbing the problem (of social engineering),” he said.

From the total of 3,564 cases reported last year, 1,022 were fraud and forgery cases, which accounted for one-third of the reports, Husin said.

“We should share know-how and identify the necessary strategy to address threats such as the increasing risk of security breaches, identity theft, phishing and cyberterrorism,” he said. — Bernama

Cyberthreats to rise as World Cup kicks off

KUALA LUMPUR: With Fifa World Cup fever set to start soon, football fans will be surfing the Internet for tickets, news and other information on the tournament. They make perfect targets for cyberscammers, phishers and malware.

Security solutions vendor Symantec Corp will be particularly on guard for malicious activity on the Internet relating to the competition which begins June 11, in an effort to keep the football fans and the companies they work for safe.

On its dedicated website, www.2010netthreat.com, Symantec will provide data, commentary, safety tips and useful links for football fans going online.

According to Paul Wood, senior analyst at Symantec Hosted Services, the tournament attracts more than one billion football fans worldwide and is becoming a theme for cybercriminals.

“Historically, any large-scale sporting event has shown an increase in all kinds of cyberthreats,” he said. “Phishing attacks increased by 66% during the Beijing Olympics in 2008.”

Also, Symantec warned, two undersea communications cables landed on South African shores last July that will exacerbate the threat levels.

“History shows that malicious activity increases in a country after new bandwidth is made available,” said Wood.

Symantec has installed additional network sensors in South Africa and southern Africa to monitor traffic and feed information to customers looking to take steps to secure their networks against additional threats.

“As an example, two of our configured partners in Africa have submitted unique malicious files that have not been seen elsewhere by Symantec,” Wood said.

Heads up

Much of the threat activity will not be new to the world of cybercrime — so-called 419 scams, spam and phishing attacks will face users in the guise of special offers for the event.

“The rule is, if something looks too good to be true, then it’s likely to be a scam,” said Gordon Love, Africa regional director at Symantec.

“Also, in all cases these days a cybercriminal is looking to steal a user’s personal information — identity details, bank account numbers, passwords and credit card numbers — to steal money from a user.

“The 2010 Net Threat site will aim to tell people how they can protect themselves against such attacks,” Love said.

Internet users must also be on the alert for new varieties of scam. “Attackers are even going as far as ensuring their fake websites or sites they have ‘poisoned’ with malicious code appear at the top of search results,” he said.

“Users tend to assume that the sites that appear first tend to be legitimate and may click on them without first examining the source.”

By the time the World Cup kicks off, 3.1 million tickets will have been sold. More than 400 million people worldwide will watch each match on TV. And hundreds of millions will be on the Internet, trying to stay connected to the popular sporting event.

Cyberattackers are always finding new ways of duping people into disclosing their personal information. Being well informed and alert is as important as keeping up to date with the latest protection software updates, Symantec said.