Workflow logo
Post Job Now
Home / Resources / Blog /Malaysian Employers Federation Hit by Ransomware Attack
Malaysian Employers Federation Hit by Ransomware Attack
# Workplace# Human Resources# Employer

Malaysian Employers Federation Hit by Ransomware Attack

Mohamad Danial bin Ab Khalil
by Mohamad Danial bin Ab Khalil
Sep 23, 2021 at 08:38 PM

Are You Hiring?

Find candidates in 72 Hours with 5+ million talents in Maukerja Malaysia & Ricebowl using Instant Job Ads.

Hire Now
A Job Thing Logo

Malaysian Employers Federation's (MEF) president Datuk Dr Syed Hussain Syed Husman, said that a ransomware attack hit the organisation in early July.

The ransomware attack involved MEF's encrypted accounting data. According to him, MEF's outsourced technical team managed to restore the server, and there were only three days of downtime. 

MEF's accounting vendor said a few of their clients also faced similar problems when accessing systems through a virtual private network (VPN). Companies usually use a VPN to enable employees to work remotely to access the company's system.

Syed Hussain said that as more employees connect their own devices to the office network, these attacks are imminent. Some of their devices, especially personal IT devices, do not have proper security software.

He said that employers are aware of these problems that happen because of remote working, and they are doing everything they can to solve issues within their control. He added the service providers should address issues such as the infrastructure of cables and telecommunications. 

 

The importance of investing in cybersecurity

He urged all employers to invest more in safeguarding and protecting their systems as cybercrime has become more rampant, especially during the Covid 19 pandemic. 

According to Syed Hussain, the unauthorised access to government information, personal information, intellectual property, infrastructure and disruption shows the urgent need to enhance existing public and private digital security.

He said that based on projections, cybercrimes worldwide could potentially cost RM43.6 trillion by 2025.

One of the primary issues many companies face is not enough funding to upgrade cybersecurity, as they have many other priorities during this challenging period.

He said that the MEF hopes that the upcoming Budget 2020 would provide some incentives for businesses to upgrade and strengthen cybersecurity.

ransomware
Ransomware is malware that employs encryption to hold a victim's information at ransom.

SMEs were affected, too.

SME Association of Malaysia vice-president CS Chin said cyberattacks hit many SMEs, and there's an increase in cyber threats. 

According to him, cybersecurity is not an option when running a company but is a part of business costs and strategies which applies to small and large companies. 

Chin said SMEs face two ongoing primary threats: ransomware and botnet malware, a consistent trend globally.

Ransomware is a type of software that blocks users from accessing their data until they pay the cybercriminals. Botnet malware is a network of devices infected with malware, such as computer viruses and remotely controlled by a hacker. 

Apart from those two, cyber fraud is also a primary concern for SMEs, with local businesses being targeted in phishing attacks. Phishing is a form of fraud where an attacker disguises themself as a reputable entity or person in an email or other platforms. 

One instance Chin recalled is the case of a skincare distributor who transferred almost RM500,000 to a hacker accounter after their email was compromised. 

He said that many such cases cost SMEs thousands of ringgit. But, most SMEs refused to admit that they have been compromised publicly. He added that most cases are due to the lack of focus on cybersecurity investment. 

 

How to protect your business against cybercrimes

He highlights that companies must have a plan to deal with the ever-challenging cyberworld or bear the risk of losses. He said businesses should invest at least 20% to 30% of their ICT budget to safeguard their systems. 

Chin advised organisations to save updated backups of critical files offlines and scan devices that try to access the network to protect against ransomware. 

He urged companies to understand how ransomware works. As remote and hybrid work in place, phishing is the first starting point for other types of cybercrime, such as ransomware. 

He said that employers should expand cybersecurity awareness and training to all employees. Bosses should also invest in cybersecurity services that address the risks posed by employees working remotely. 

Chin said companies should first protect their endpoint. If the employee's endpoint is compromised, it will spread to the internal network and harm the server when they return to the office. 

As most breaches happen because of human error and negligence, companies should also implement cybersecurity awareness training. 

 

The SME Association strongly recommended that the government provide grants to encourage SMEs to equip themselves with more cybersecurity protection. 

 

Source: The Star

Articles that might interest you 

What You Need to Know About Program Subsidi Upah (PSU) 4.0
What You Need to Know About EPF's i-Saraan
EPF Launches Two Initiatives to Help Employers Manage Cash Flow

Search
Categories
© Copyright Agensi Pekerjaan Ajobthing Sdn Bhd SSM (1036935K) EA License Number JTKSM 232C Terms & Condition Privacy & Policy About Us