Malaysia’s Finance Minister Tengku Datuk Seri Zafrul Tengku Aziz made waves earlier this month at the 2023 budget meeting by proposing the allocation of RM73 million towards CyberSecurity Malaysia (CSM). The budget is allocated to strengthen the country's cybersecurity resilience. He also lauded the establishment of a National Scam Response Centre, which synergizes well with the proposed budget allocation.
Several tech companies shared their views on the announcement, supporting the Malaysian government's commitment to elevating the country's digital security landscape.
The proposed budget surplus will not only elevate the nation's cybersecurity but will also serve to increase stakeholder and end-user confidence, while boosting business competitiveness – a goal that aligns with Malaysia's sustained drive towards becoming a resilient and sustainable nation.
Goh Chee Hoh, the managing director of Trend Micro Malaysia and Nascent Countries
The Malaysian government’s swift action has pushed a spotlight onto other countries to increase funding and the responsible consideration of cybersecurity needs on a global scale.
The Government’s Roles and Responsibilities in Improving Cybersecurity in Malaysia
Governments are meant to provide essential tools and defenses for all its citizens and in an age of digital transformation and innovation, the imperative for legislated cybersecurity measures is higher than ever.
Apart from the need to actively elevate awareness of cybersecurity threats to the general public, governments have to instill advanced cybersecurity measures that will ensure the safety of their citizens and infrastructure. The risk of critical government infrastructure infiltration must be considered, especially with the alarming number of cyber-attacks on the rise.
Cyber-criminals have begun to use sophisticated malware to breach critical areas in governments. It allows them to destabilize or completely halt essential functions. State-sanctioned cyber warfare is also a prevalent threat to government infrastructure in such a volatile political landscape that needs to be considered.
Governments cannot succeed in cybersecurity without providing secure and enhanced digital connections for the enrichment and maintenance and economies alike.
According to Mckinsey, there are 5 elements necessary for governments to successfully implement national cybersecurity strategies:
- Having a dedicated National Cybersecurity Agency in place.
- The implementation of a National Critical Infrastructure Protection program.
- National incident response and recovery plan.
- Defined laws about all cyber crimes.
- A vibrant cybersecurity ecosystem.
Cyber-attacks are an inevitable part of our lives. The development of national incident response and recovery plan to mitigate the effects of cyber incidents and improve recovery time will prevent any major data and fiscal damages.
The same Mckinsey report goes on to elaborate that governments should focus on two success factors when developing their cybersecurity laws to prevent, investigate, and take action against cybercrimes.
1. Robust substantive and procedural cybersecurity laws
Deciding which aspects of cybersecurity to legislate and which aspects to provide guidance on without necessarily imposing any legal penalties will help governments. The guidelines set out by the Budapest Convention form a great framework for cybersecurity legislation. The convention was an international treaty governing cyber laws that were agreed upon by more than 60 countries and recommends that countries enact two categories of laws: substantive and procedural.
- Substantive laws will define the different types of cybercrimes, including copyright infringement, computer-related fraud, child pornography, and violations of network security, and their corresponding punishments.
- Alternatively, procedural laws will define the authority and responsibilities each country must keep in mind while implementing the laws. Both of these need to be updated regularly to align with the ever-dynamic landscape of cybercrime.
2. International cooperation and collaboration
Cybercrime is an international problem that makes it critical for governments globally to participate in interactive forums to establish intelligence and threat-sharing partnerships with one another and to collaborate on preventing and investigating cybercrimes.
Deloitte has inferred that while the adoption of digital infrastructure in governments has improved functionality, their response to cybercrimes still has a lot of catching up to do, but, not in isolation. To enact an advanced level of cyber defense, the government’s role should expand to securing public and private networks. In these new roles, governments should provide cybersecurity support to small and medium-sized enterprises, as well as the general public.
The greater collaboration between global governing bodies and corporations to instill cybersecurity on a fundamental and legislative will ensure fully encompassing cyber protection.
Cyber-attacks Against Governments
While government agencies can hope to reap the benefits of installing newer and innovative technologies, the threat of cyber security exposure must be brought to attention. Governments hold incredible amounts of sensitive data and also nation-dependent functions on their digital infrastructure. Several incidents show that a cyber-attack could cripple an entire country.
The Cost Rica Government Ransomware Attack
This is evident in the recent attack on Costa Rica wherein President Rodrigo Chaves Robles had to announce a national state of emergency after a series of ransomware attacks halted the Central American country’s economy. The declaration followed a series of ransomware attacks that affected several branches of government and the public sector at large.
Cyber Attack on Atlanta Government
Other attacks on government entities include the Atlanta cyber-attack in March of 2018, which saw a ransomware crash in the City of Atlanta’s government services.
Almost a third of the city’s software programs were pushed offline and 3,789 computers were infected. The incident impacted critical police services and the city’s court system and led to 17 million dollars of damages to taxpayers. A ransom of $51,000 paid in bitcoin was demanded the release the government’s data - which the city declined to pay. In December 2018, the Department of Justice indicted Iranian nationals for their role in the cyber-attack.
Wanna Cry Ransomware on UK’s National Health Services
The WannaCry ransomware attack in 2017 against the United Kingdom’s National Health Service affected almost 19,000 patients and inflicted losses of up to 125 million dollars. The attack was launched by North Korea and infected up to 200,000 computers in 150 countries - including devices owned by the UK’s National Health Service, Spain’s Telefónica, and several financial institutions.
Cyber-criminals are becoming more advanced in attacking crucial governing bodies and finding vulnerabilities to exploit, which end up having devastating ripple effects for entire populations. Local and national governments need to be better equipped to withstand cyber-attacks and ensure that secure and comprehensive cybersecurity solutions are installed all across their institutions.
Sangfor Malaysia Cybersecurity Solutions
Sangfor offers range of products, solutions and services for Malaysia Cybersecurity. Sangfor Technologies is a world-class cybersecurity and cloud computing company that offers intensive, integrated, and advanced ransomware prevention and comprehensive protection from any cyber-attack.
Sangfor’s Security solutions for ransomware are the only complete, holistic security solution to prevent and mitigate ransomware attacks in real time.
Sangfor Cyber Guardian is Sangfor’s Managed Detection and Response (MDR) service. Sangfor Cyber Guardian seamlessly integrates human and machine intelligence to help organizations detect and respond quickly and accurately to security threats. It is powered by Sangfor’s state-of-the-art AI-based threat detection and response engines, which pull in global threat intelligence to enhance detection accuracy.
Sangfor Cyber Command NDR platform provides automated responses to threats – with AI and machine learning technology to help your company isolate, analyze and eliminate potential threats before they can infiltrate your system and cause any damage.
While Sangfor’s advanced Next Generation Firewall (NGAF) uses advanced surveillance to protect your entire security network with help from Endpoint Security to root out any malicious threats.
For more information on Sangfor’s cyber security and cloud computing solutions, visit www.sangfor.com.
Contact Sangfor Malaysia
Office Address:
No. 45-10 The Boulevard Offices
Mid Valley City
Lingkaran Syed Putra
59200 Kuala Lumpur
Malaysia
Operating Hours: 08:00 AM - 5:00 PM Mon – Fri)
Local National Number: +60 (3) 2702-3644
Email Address: marketing@sangfor.com
