The Human and Organizational Costs of a Cyber-attack
Imagine yourself as a successful entrepreneur or founder of a company who has amassed a large sum of wealth through the business you’ve invested tirelessly and conscientiously in.
Now imagine that, one day, the threat of cyber-crime turns into reality: you fall prey to one or more sophisticated and malicious hackers who have refined their schemes and managed to breach your highly protected data and assets. Despite the stringent measures you took to protect them, your valuables are now exposed to hackers who could wipe them out, sell your data to other cybercriminals, use it to target phishing attacks, or extort you.
With just one action, cybercriminals can undo the years of hard work and the wealth you accumulated in establishing your business. What went wrong here? Could it have been prevented? We’ll explore this in further detail below. However, let’s first understand what cyber-crime is.
The nitty-gritty of cyber-crime
The Russian cybersecurity and anti-virus provider Kaspersky defines cyber-crime as criminal activity that either targets or uses a computer, computer devices, or a networked device. Many assume that cybercriminals target individuals or corporations who are affluent or have amassed a large revenue stream. However, cybercriminals may hack into a computer or network for reasons other than to make a quick buck, such as to pursue a personal vendetta against a person or for political reasons.
Cyber-crime has caused major losses to companies
No individual or organization is immune to cyber-attacks. Datuk Abdul Halim Abdul Rahman, the Deputy Secretary General (Security) of the Ministry of Home Affairs Malaysia, explained that roughly 20,000 cyber-crimes were reported in 2021, with losses amounting to RM 560 million. Cyberbullying, falsification, hacking, phishing, and email scams were among the cybercrimes reported.
According to the Malaysia Cyber Security Strategy 2020-2024 report, the country may face economic losses of up to RM 51 billion due to cyberthreats.
What are the different forms of cyber-crimes?
According to Inspector-General of Police Tan Sri Acryl Sani Abdullah Sani, an extensive inspection of the cyber-crime cases managed by the Bukit Aman Commercial Crime Investigation Department found seven main forms of cyber fraud. They are Macau scams, non-existent loans, online purchases, online investments, African scams, Business Email Compromise, and SMS fraud.
In a separate finding by the Senior Assistant Commissioner of the Commercial Crime Investigation Department (CCID), Victor Sanjos, there were 11,367 cybercrime cases recorded between January and July of this year.
Of this figure, 4,912 cases involving losses up to RM 199.8 million were carried out through Macau scams or impersonation or fraud calls. E-commerce crimes were recorded in 5,397 cases with losses amounting to RM 71.6 million, while e-financial fraud or phishing involved 543 cases with a loss of RM 40.5 million.
One of the most notable cyber-crime incidents to have hit Malaysia was the cybersecurity incident experienced by payment gateway provider iPay88, which occurred on May 31, 2022, and compromised users’ card data. The company has since been advised by Bank Negara Malaysia (BNM) to ramp up its cybersecurity efforts to prevent a repeat or further compromise of data such as this.
Why tackling cyber-crime is imperative to accelerate Malaysia’s economy
By 2025, the digital economy is expected to contribute up to 22.6% of Malaysia’s Gross Domestic Product (GDP). Hence, increasing protective measures to combat cyber-crime is imperative to safeguarding Malaysia’s economy. As Malaysia is on track to develop itself as a nation driven by the digital economy, any looming threats that could affect key targets and the economic sector must be confronted and immediately mitigated or, if possible, eradicated.
Knowing that cyberthreats are constantly looming and that they are just one attack away from having their data and assets compromised, what protective or preventive measures have our government or organisations put in place to protect themselves from cyber-attackers?
The Cyber Kill Chain Model and the Different Stages of Cyber-crime
The Cyber Kill Chain Model is perhaps one of the most effective frameworks to identify and prevent cyber intrusions from unwanted sources. Developed by Lockheed Martin in 2011, the Cyber Kill Chain model outlines the various stages of several common cyber-attacks, and the measures that information security specialists can implement to prevent, detect, or intercept these malicious activities.
As explained on the CrowdStrike website, this model helps individuals or organizations ramp up their efforts against sophisticated cyber-attacks, also known as “advanced persistent threats” (APTs), in which adversaries may study and plan a cyber-attack in advance. These attacks frequently take the form of spoofing, malware, ransomware, Trojans, and social engineering techniques.
According to the Cyber Kill Chain model, there are eight stages through which a cyber attacker may strike its targets (individuals or organizations, which could be you):
Stage 1: Reconnaissance
In the early stages of a cyber-attack, the perpetrator or hacker will select a target to carry out their malicious intent. They will explore the target’s vulnerabilities and weaknesses, which can be exploited within the network.
At this stage, the malicious hacker will attempt to gain important data, such as your login credentials, email addresses, user IDs, physical locations, software applications, or operating system details.
Stage 2: Weaponization
In this phase, the attacker creates an attack vector, such as remote access, malware, ransomware, a virus, or a worm, that can exploit a known vulnerability. They may also create back doors in case their original entry point is identified or closed by network administrators.
Stage 3: Delivery
At this stage, the intruder launches the attack. The method depends on the type of attack they are carrying out, e.g., sending an email attachment or a malicious link that prompts the receiver to respond or to carry out the action planned by the malicious agent.
Stage 4: Exploitation
The malicious code is executed within the victim’s system.
Stage 5: Installation
Following the exploitation stage, the harmful virus, malware, or attack vector will be installed on the victim’s system. This is where it gets dangerous for individuals or organizations that have fallen prey to these threat actors, as the installed attack vector means that the cyber-attackers could now assume control.
Stage 6: Command and Control
The attacker can use the attack vector or malware to assume remote control of a device or identity within the target network. The attacker may also move laterally through the network, expanding their access and establishing more entry points for the future.
Stage 7: Actions on Objectives
The attacker takes steps to carry out their intended goals, which may include data theft, destruction, encryption, or exfiltration.
With time, many information security specialists have expanded the kill chain to include an additional step: monetization.
Stage 8: Monetization
Many people who carry out cyber-crime activities expect something in return, and oftentimes, money comes into play. Cybercriminals often demand a ransom be paid by the victim of the cyber-attack, or sell sensitive information, such as personal data or trade secrets, on the dark web.
Many IT specialists, including cybersecurity experts, are in demand in Malaysia because they are the first line of defense: by countering or stopping cyber-attacks on their organization in the early stages of the cyber-attack lifecycle, they minimize or significantly reduce the risks that the organization could face if a cyber-attack gets out of hand.
What are government agencies doing to tackle cyber-attacks?
In Malaysia, the National Cyber Security Agency Malaysia (NACSA) is responsible for streamlining all cyber security planning, development, and implementation. The Ministry of Information, Communication, and Culture (KKMM) and its agency Cybersecurity Malaysia are also proactive in ensuring the safety and well-being of the country’s cyberspace.
According to the National Security Council director general, Datuk Rodzi Md Saad, two major contributing factors have led to the rise of cyber-attacks caused by security system vulnerabilities, as highlighted in the data released by NACSA. They include low awareness of cybersecurity and the use of easily predicted passwords.
Datuk Rodzi advised organisations to adopt a reinforcement policy like face authentication or specific recognition and to stop giving out information on unsecured sites.
NACSA also plans to roll out the National Cybersecurity Awareness Master Plan to boost awareness and knowledge in cybersecurity by the end of 2023.
The Malaysian National Security Council (MKN) has also released the Malaysia Cyber Security Strategy 2020-2024, which sets out how the government plans to tackle cybersecurity issues and promote best cybersecurity practices in organizations. The full report can be found here:
https://asset.mkn.gov.my/wp-content/uploads/2020/10/MalaysiaCyberSecurityStrategy2020-2024.pdf
Steps that organizations can take to counter cyber-attacks
You might wonder, “What can organizations do to combat cyber-crimes?” These are some of the best cybersecurity practices recommended by the British-based security software and hardware company Sophos for organizations to safeguard important data and assets:
1) Take a proactive, not reactive, approach.
Organizations need to always assume that their valuable data and assets are susceptible to malicious agents and that they need to hunt for threats before their properties get compromised.
2) Monitor for early signs of compromise.
Watch for the signs that most readily tell you your information has been compromised. One is the use of credentials for remote access or administrative purposes outside of operating hours. Another could be the abuse of system administration tools to conduct surveillance.
3) React as quickly as possible.
If your organization or system has come under attack by cyber-attackers, don’t just be a sitting duck. Get your cybersecurity specialists to take
4) Invest more in awareness and education at all levels
It is not only the responsibility of the cybersecurity specialists in your organization to counter cyber-crimes, but also the responsibility of every member of staff. Train them to take better security measures by investing in them and putting them through cybersecurity training.
5) Request help
Don’t hesitate to contact external cybersecurity services for help. The threat landscape has grown more complex, and cybercriminals have become more sophisticated. External cybersecurity experts can detect and respond to cyber-attacks on your organization’s behalf.
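The two early signs named in step 2 (remote-access logons outside operating hours, and system administration tools run in that context) can be checked mechanically. The following is an added example, not code from this article or from Sophos; the log format, the operating hours, and the tool watchlist are assumptions made for illustration.

```python
from datetime import datetime, time

# Assumptions for this example (not from the article): operating hours,
# the event fields, and the watchlist of administration tools.
OPEN, CLOSE = time(8, 0), time(18, 0)
WORKDAYS = {0, 1, 2, 3, 4}  # Monday..Friday
REMOTE_LOGON_TYPES = {"rdp", "vpn", "ssh"}
ADMIN_TOOLS = {"psexec.exe", "net.exe", "nltest.exe", "wmic.exe"}

# Constructed sample events: timestamp|kind|user|detail|host
SAMPLE_LOG = """\
2023-03-06T09:12:00|logon|alice|vpn|gw01
2023-03-06T23:47:10|logon|svc_backup|rdp|fs02
2023-03-06T23:49:02|process|svc_backup|nltest.exe|fs02
2023-03-06T23:49:40|process|svc_backup|net.exe|fs02
2023-03-07T10:05:00|process|bob|net.exe|ws17
2023-03-11T14:30:00|logon|alice|ssh|build01
"""

def outside_hours(ts):
    """True on non-workdays or outside the OPEN..CLOSE window."""
    return ts.weekday() not in WORKDAYS or not (OPEN <= ts.time() < CLOSE)

def parse(line):
    ts, kind, user, detail, host = line.strip().split("|")
    return datetime.fromisoformat(ts), kind, user, detail.lower(), host

def detect(log_text):
    """Return a list of (timestamp, user, host, reason) alerts."""
    alerts = []
    off_hours_sessions = set()  # (user, host) with an off-hours remote logon
    for line in log_text.splitlines():
        if not line.strip():
            continue
        try:
            ts, kind, user, detail, host = parse(line)
        except ValueError:
            # Surface malformed records instead of silently dropping them.
            alerts.append((None, None, None, "unparseable line: " + line))
            continue
        if kind == "logon" and detail in REMOTE_LOGON_TYPES and outside_hours(ts):
            off_hours_sessions.add((user, host))
            alerts.append((ts, user, host, "remote logon outside operating hours"))
        elif kind == "process" and detail in ADMIN_TOOLS:
            # Admin tools are normal in daytime work; alert only when they run
            # off hours or on a session opened by an off-hours remote logon.
            if outside_hours(ts) or (user, host) in off_hours_sessions:
                alerts.append((ts, user, host, "suspicious admin tool use: " + detail))
    return alerts
```

Calling `detect(SAMPLE_LOG)` flags the late-night `svc_backup` session and the weekend logon, while the daytime `net.exe` run by `bob` stays quiet.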
What can you do to counter cyber-attacks?
As an individual, however, what are some protective measures you can take to secure your computer from hackers? As detailed on chubb.com, here are some recommendations to protect yourself from hackers:
I – Choose your apps wisely.
Only download apps from trustworthy sources.
II – Turn off anything you don’t need.
Hackers can use certain features on your phone to get your information, particularly through GPS, wireless connections, and geo-tracking. Hence, turn off certain mobile apps when not using them.
III – Use a strong password, lock code, or encryption.
A strong password typically contains at least eight characters, has a symbol, includes numbers, and has a mix of uppercase and lowercase letters. You are also advised to avoid using the auto-complete feature for passwords. You may use the storage encryption feature on your phone to protect your private data and set your screen to time out after five minutes or less.
IV – Don’t access personal information or do personal banking on public Wi-Fi
Avoid opening your mobile banking app or making purchases with your credit card over public Wi-Fi. Do these activities using a secure connection.
V – Be more cautious when opening links and attachments.
Phishing is one of the most common tactics that cybercriminals use to steal your information, often through sending fake messages. Not sure about the source from which the attachment or link came? Avoid opening them!
VI – Trace or erase
If you lose your mobile device, ensure that your data has been secured. Set up your device in a way that it locks itself if several failed log-in attempts are made.
Cybersecurity is an in-demand profession in Malaysia. If you want to learn more about becoming a cybersecurity expert in Malaysia, please visit https://newhorizons.my/.