Staying Ahead of Evolving Cyber Threats - Dr. Amir

STAYING AHEAD OF EVOLVING
CYBER THREATS IN THE

BUSINESS SECTOR
Dr. Amirudin bin Abdul Wahab
Chief Executive Officer
CyberSecurity Malaysia
7 September 2015
Copyright 2015 CyberSecurity Malaysia
SCOPE
INTRODUCTION
CYBER THREATS IN THE BUSINESS SECTOR
MALAYSIA S INITIATIVES
SECURITY THREATS
IN ADDRESSING CYBER
CONCLUSION AND WAY FORWARD
INTRODUCTION
With the increase in sophistication and proliferation of the threat
landscape, security challenges in the cyberspace have become more
complex while security threats grow at an alarming rate.
The constantly evolving nature of cyber threats and vulnerabilities are
posing a persistent challenge to the business sector with the threat of
attack on the critical national information infrastructure.
The dynamic nature of the cyber risk environment requires
continuous proactive and innovative cyber-protection capability.
WORLD INTERNET USERS
THE GLOBAL RISKS 2015 THREATS IN THE CYBERSPACE
MALAYSIAS TRANSFORMATION TOWARDS A DIGITAL ECONOMY

Cyber Security Support Malaysias Transformation Programme That Drive
Wealth Creation And Enhance The Standard Of Living To Move Malaysia To A
Developed Digital Economy By 2020.
VISION 2020
Preservation and
Enhancement of
Unity in Diversity
Effective Delivery of
Government services
1Malaysia
Government
Transformation
Programme (GTP)
People First,
Performance Now
Towards Digital
Economy
6 National Key Result

Areas (NKRAs)
Cyber
Security &
Economic
Innovation
are mutually
reinforcing
New Economic
Model: A high
Income, inclusive and
sustainable nation
Economic
Transformation
Programme (ETP)
Anchoring Growth
on People
11 th Malaysia Plan
The p eople economy will b e
given priority
A H igh Income, Inclusive

and Sustainable Nation

Threat Of Cyber Attack On The Critical Information Infrastructure
COST OF CYBER CRIMES
Cyber crime costs the global economy about $445 billion every year, with the damage
to business from the theft of intellectual property exceeding the $160 billion loss to
individuals from hacking
- The Center for Strategic and International Studies, U.S.A 2014
The growing menace of cybercrime is impacting the global economy significantly

with estimated annual losses of up to USD 575 billion..
- McAfee 2014
CHANGES IN CYBER CRIME MEGATRENDS
Note: A negative percentage indicates that the security risk rating is expected to increase. A positive
percentage indicates that risk is forecasted to decline.
Source: 2015 Global Megatrends in Cybersecurity, Ponemon Institute, February 2015
COST OF CYBERCRIME TO INDUSTRIES
Average annualized cost by industry sector: Cost expressed in US dollars (million)

Source: 2014 Global Report o n the Cost o f Cyber Crime
10

Financial Industry
11

Health Care Industry
12

Maritime Industry
13

Aviation Industry
14

Energy Industry
July 9 , 2 015
15

Insiders Threat
16
TARGETED MALWARE ON INDUSTRY
Southeast Asias financial sector faces a dual threat. First, standard cybercriminals are looking to
steal money from them. Second, advanced threat actors are seeking sensitive financial information
for a business advantage.
Source: Special Report - Southeast Asia: An Evolving Cyber Threat Landscape
FireEye Threat Intelligence, March 2015
17
FINANCIAL MALWARE ATTACKS - MALAYSIA
Geographical distribution of attacks with financial malware targeting users of

Android-based devices in 2014
Source: Kaspersky Labs Financial Cyber-threats in 2013
Report
18
MOBILE MALWARE ATTACKS - MALAYSIA
The Geography Of Mobile Malware Infection Attempts In Q2 2015

(Percentage Of All Users Attacked)
Source: IT Threat Evolution in Q2 2015, Kapersky Lab, July 2015
19
CYBERCRIME LEADS TO INCREASE IN THE COST OF BUSINESSES
20
CYBER SECURITY INCIDENTS IN MALAYSIA

Cyber Incidents Referred to CyberSecurity
Malaysia from 1997 July 2015
Number of cyber security incidents referred to CyberSecurity Malaysia

(excluding spams)
21
A HOLISTIC APPROACH
People, Process, Technology & Policy
22
National Cyber
Security Policy
formulated by
MOSTI
2006
2005
2007
MALAYSIAS INITIATIVES
- National Cyber Security Policy
CyberSecurity Malaysia
launched by
Prime Minister of Malaysia
on 20 August 2007
NCSP
Adoption
and
Implementation
Malaysias Ministry o f Science, Technology & Innovation (MOSTI) carried o ut the

study o n the National Cyber Security Policy (NCSP) in 2005
NCSP Objectives
Address The Risks To

The Critical National
Information
Infrastructure
Ensure That Critical

Infrastructure Are
Protected To A Level
That Is Commensurate
With The Risks
National IT Council (NITC) Meeting o n 7 Apr 2006 agreed to implement NCSP and
establishment o f the Malaysia Cyber Security Centre to administer NCSP.
NCSP was endorsed b y the Cabinet in May 2006.
CyberSecurity Malaysia launched b y Prime Minister o f Malaysia o n 20 Aug 2007
The policy recognises the critical and highly interdependent nature of the
CNII and aims to develop and establish a comprehensive programme and a
series of frameworks that will ensure the effectiveness of cyber security
controls over vital assets
Develop And Establish

A Comprehensive
Programme And A
Series Of Frameworks
23
CYBERSECURITY MALAYSIAS MANDATE

The Cabinet Meeting o n 28 September 2005, through the Joint Cabinet Notes b etween Ministry o f Finance
(MOF) and Ministry o f Science, Technology and Innovation (MOSTI) No. H609/2005 agreed to create the
National ICT Security and Emergency Response Centre (NISER), currently

known as CyberSecurity Malaysia as a National Body to monitor the
National e-Security aspect
separated from MIMOS as an agency and established as a Company Limited-by-Guarantee under the
supervision of MOSTI
The Ministerial Functions Act 1969 and The Order o f Federal Government Ministers 2013
Provide specialised services in cyber security and continuously identify areas that may be
detrimental to public and national security
Order No.24 - Policy and Mechanism for National Cyber Crisis Management by the National Security
Council, Malaysia:
As a specialist agency, CyberSecurity Malaysia is required to support as well as provide

technical assistance and training services for national cyber crisis management.
24
NATIONAL CYBER SECURITY POLICY
Thrust 1:
Effective
Governance
Thrust 2:
Legislative &
Regulatory
Framework
Thrust 3:
Cyber Security
Technology
Framework
Malaysias CNII shall be secure, resilient

and self-reliant. Infused with a culture of
security it will promote stability, social
well being and wealth creation
Banking &
Finance
Energy
Government
Service
Emergency
Services
R&D Towards Self

Reliance
Thrust 6:
Compliance &
Enforcement
Health
Services
Water
Thrust 7:
Defense &
Security
Food &
Agriculture
Transportation
Cyber Security
Emergency
Readiness
Information &
Communication
Thrust 4:
Culture of Security
& Capacity Building
Thrust 5:
Thrust 8:
Critical National Information

Infrastructure (CNII)
International
Cooperation
25
MALAYSIAS CYBER SECURITY SERVICES
26
26
CYBERSECURITY MALAYSIA
- Coordinated Malware Eradication & Remediation Project
(CMERP) Framework
1) Forensic
Analysis
Reporting systems (infections), honeynet (malware forensics

static and dynamic analyses) & Microsoft
Vendors (FireEye IoC, threat level etc) & CERTs (info sharing)
Which malware is prevalent?
2) Threat
Coverage
C&C, botnets, APT

Malware configuration (type)
3) Preventive
Measure
Physical takedown (local & foreign), sinkhole, blacklist

Patches and bug fixes
4) Target
Audience
End user, organisation (CNII or corporation), ISP (Jaring)

Governance/Management, legal, budget, time
Campaign, awareness, training, national/international
5) Forensic
Response
Detection and removal tool development for automation

Technical write up, advisory and signature
6) Total
Eradication
Observation/monitoring, reinfections, challenges

Feedbacks and continuous campaign/awareness
Total eradication if not back to Step 1
27
BEST PRACTICES FOR CYBER SECURITY PREPAREDNESS

ACTIONS
Preventive
Risk Assessment
Implementation of
Information Security
Controls
Adherence to Policies and
Procedures
Detective
Vulnerability Assessment &
Penetration Testing
ICT Product & System
Evaluation
Employee Competency &

Information Security
Awareness Programme
Incident Response Team
Business Continuity
Management
Data Breach Protection Tool
Corrective
Management Review
Regular Monitoring
Periodical Internal Audit
Top Management Involvement
28
STRENGTHENING INFORMATION SECURITY
Comprehensive Scope
Internal and external issues that are
relevant to organisational purpose;
MS ISO/IEC 27001:2007
Interested parties and their

requirements that are relevant to the
ISMS;
interfaces and dependencies of both
internal and external activities
29
ADOPTION OF THE COMMON CRITERIA STANDARD

Malaysian Common Criteria
Evaluation & Certification (MyCC)
Scheme
MISSION
to increase Malaysias competitiveness in
quality assurance of information security based on
the Common Criteria (CC) standard and to build
consumers confidence towards Malaysian
information security products
CERTIFICATE AUTHORISING PARTICIPANTS

Participants that represent a compliant Certification Body
Mutually recognises certified products/systems produced by the
Certificate Authorising Participants based on I SO/IEC 15408
AS OF SEPT. 2011
CERTIFICATE CONSUMING PARTICIPANTS
Participants that have a national interest in recognising

CC certificates produced by the Certificate
Authorising
MALAYSIA
QUALIFIES
Participants based on I SO/IEC 15408TO BE AUTHORIZING
PARTICIPANT BY
SEPTEMBER 2011
30
ICT PRODUCTS AND SYSTEMS EVALUATION
Malaysian Common Criteria Evaluation and Certification (MyCC) Scheme provides

a systematic process for evaluating and certifying the security functionality of ICT
products & systems against defined criteria or requirements of ISO/IEC 15408
Common Criteria standard
31
ENHANCEMENT OF COMPETENCY AND CAPACITY BUILDING
Provides competency
and p rofessional
Training p rogrammes
Develops curriculum in cyber

security for colleges, polytechnics
and universities to build expertise
in cyber security with MOE
Collaboration between
CyberSecurity Malaysia and
Institute of H igher Learning (IHL)
in various comprehensive cyber
security modules
32
AWARENESS PROGRAMMES ADDRESSING THE PEOPLE

Content
Partners
Content Localization &

Packaging
Content
Channels
Target
Audience
Children / students
Publication Video clips

International
CERT
Communities
Parents / home users
Web
Poster
Other
industry
partners
Organisations
Competition
TV ad
33
www.cybersafe.my
33
MITIGATING CYBER ATTACKS REQUIRES DOMESTIC &

INTERNATIONAL COLLABORATION
Strengthening Domestic Security
Cooperation at the Regional & Global Level
34
CONCLUSION AND WAY FORWARD

Need to foster greater collaborative engagement among
public and private-sector partners to enhance the
security and resilience of the critical national information
infrastructure;
Adopt a coherent cyber security approach by taking
responsive and proactive measures in staying ahead of
evolving cyber threats;
Strengthen strategic alliance and enhance international
cooperation in addressing emerging cross-border cyber
threats.
35
36

Staying Ahead of Evolving Cyber Threats - Dr. Amir

Загружено:

Сведения о документе

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Staying Ahead of Evolving Cyber Threats - Dr. Amir

Загружено:

Авторское право:

Доступные форматы

STAYING AHEAD OF EVOLVING

CYBER THREATS IN THE

Copyright 2015 CyberSecurity Malaysia

CONCLUSION AND WAY FORWARD

Copyright 2015 CyberSecurity Malaysia

Copyright 2015 CyberSecurity Malaysia

WORLD INTERNET USERS

Copyright 2015 CyberSecurity Malaysia

THE GLOBAL RISKS 2015 THREATS IN THE CYBERSPACE

Copyright 2015 CyberSecurity Malaysia

MALAYSIAS TRANSFORMATION TOWARDS A DIGITAL ECONOMY

6 National Key Result

A H igh Income, Inclusive

Copyright 2015 CyberSecurity Malaysia

CYBER THREATS IN THE BUSINESS SECTOR

Copyright 2015 CyberSecurity Malaysia

COST OF CYBER CRIMES

The growing menace of cybercrime is impacting the global economy significantly

CHANGES IN CYBER CRIME MEGATRENDS

COST OF CYBERCRIME TO INDUSTRIES

Average annualized cost by industry sector: Cost expressed in US dollars (million)

CYBER THREATS IN THE BUSINESS SECTOR

Copyright 2015 CyberSecurity Malaysia

CYBER THREATS IN THE BUSINESS SECTOR

Copyright 2015 CyberSecurity Malaysia

CYBER THREATS IN THE BUSINESS SECTOR

Copyright 2015 CyberSecurity Malaysia

CYBER THREATS IN THE BUSINESS SECTOR

Copyright 2015 CyberSecurity Malaysia

CYBER THREATS IN THE BUSINESS SECTOR

CYBER THREATS IN THE BUSINESS SECTOR

Copyright 2015 CyberSecurity Malaysia

TARGETED MALWARE ON INDUSTRY

FINANCIAL MALWARE ATTACKS - MALAYSIA

Geographical distribution of attacks with financial malware targeting users of

MOBILE MALWARE ATTACKS - MALAYSIA

The Geography Of Mobile Malware Infection Attempts In Q2 2015

Copyright 2015 CyberSecurity Malaysia

CYBERCRIME LEADS TO INCREASE IN THE COST OF BUSINESSES

Copyright 2015 CyberSecurity Malaysia

CYBER SECURITY INCIDENTS IN MALAYSIA

Number of cyber security incidents referred to CyberSecurity Malaysia

Copyright 2015 CyberSecurity Malaysia

Malaysias Ministry o f Science, Technology & Innovation (MOSTI) carried o ut the

Address The Risks To

Ensure That Critical

Develop And Establish

CYBERSECURITY MALAYSIAS MANDATE

National ICT Security and Emergency Response Centre (NISER), currently

As a specialist agency, CyberSecurity Malaysia is required to support as well as provide

Copyright 2015 CyberSecurity Malaysia

NATIONAL CYBER SECURITY POLICY

Malaysias CNII shall be secure, resilient

R&D Towards Self

Critical National Information

MALAYSIAS CYBER SECURITY SERVICES

Copyright 2015 CyberSecurity Malaysia

Reporting systems (infections), honeynet (malware forensics

C&C, botnets, APT

Physical takedown (local & foreign), sinkhole, blacklist

End user, organisation (CNII or corporation), ISP (Jaring)

Detection and removal tool development for automation

Observation/monitoring, reinfections, challenges