Cyberattacks likely if action not taken, says bukit aman
KUALA LUMPUR: Companies and organisations must beef up cybersecurity to prevent breaches and cyberattacks, says Bukit Aman.
Bukit Aman Commercial Crime Investigation Department (CCID) director Comm Datuk Seri Ramli Mohamed Yoosuf (pic) said cyber attacks are quite prevalent worldwide with millions of attacks per year and tens of thousands daily.
“Thus, it is imperative for companies and organisations to beef up their cybersecurity systems such as firewalls to prevent breaches.
“If it is not done, sooner or later, an organisation or entity might face a cyberattack,” he told The Star recently.
Comm Ramli said the CCID is working closely with other agencies such as Cyber Security Malaysia and the Malaysian Communications and Multimedia Commission to take action on data breaches.
He said the CCID managed to bust a syndicate that attempted to sell stolen data in September.
“We detained five men, including a Pakistani, in an operation codenamed Ops Kapas, with other agencies, including Cyber Security Malaysia.
“The syndicate stole 400 million pieces of data of Malaysians, including names, MyKad, addresses, bank accounts and phone numbers.
ALSO READ: Smaller firms lack budget for cybersecurity
“They had hacked systems used by companies and agencies to obtain the data.
“Those who want access to the data are charged between RM200 and RM800 per month,” he said.
Investigations showed the syndicate was operating for about a year.
“Two of those detained – a Malaysian and a Pakistani – were a web portal designer and a hacker.
“Three other individuals were agents and unlicensed debt collectors, who bought the stolen data,” he said.
Investigations showed the Pakistani man as the syndicate’s mastermind due to his hacking skills.
“We believe he entered Malaysia as a general worker 10 years ago,” he said.
Comm Ramli said syndicates are using the “shadow world” of the Internet to look for potential customers of the stolen data.
ALSO READ: Shields up around Malaysia’s cyberspace
“The syndicate would sell the stolen data on the dark web to other syndicates such as scammers as well as unlicensed debt collectors,” he said.
Meanwhile, checks by The Star on the dark web showed that transactions are made using cryptocurrency, particularly bitcoin, which makes following the money trail difficult.
Among the finds on the dark web was the alleged sale of staff members’ and customers’ data of a low-cost airline.
Another search result showed that hackers have sourced the login ID of users of different banks from different countries and were promoting their service which includes transferring any amount of money for a fee.
“We have gathered bank logins of different banks and countries as a result of automated Malware/Trojan we spread online once the individual logs into his/her online banking account, it grabs the person’s banking details, it is very powerful and can get access to accounts, bank database and bank server,” the promotional literature of the service read.
“With these services, you just place an order to get any amount you need and we will look up the bank login we have available and make transfers to any account you provide.
Our services are efficient, reliable and safe,” it said, adding that bank transfers are available to countries such as Malaysia, the United States, the United Kingdom, the United Arab Emirates, Canada, Australia, Netherlands, China and Switzerland.
These hackers are charging US$450 (RM1,990) for bank transfers amounting to US$2,000-US$4,000 (RM8,848-RM17,696); US$750 (RM3,318) for bank transfers amounting to US$5,000-US$7,000 (RM22,122-RM30,969) and US$1,050 (RM4,645) for bank transfers amounting to US$8,000-US$10,000 (RM35,393 - RM44,241).
Related stories:
Smaller firms lack budget for cybersecurity
Shields up around Malaysia’s cyberspace
Make clear who’s in charge now, say stakeholders
Related posts:
Expert calls for NSRC overhaul as millions lost to scammers posing as NSRC officials
OTHERS:
