Exact matches only
Search in title
Search in content
Search in comments
Search in excerpt
Search in posts
Search in pages
Search in groups
Search in users
Search in forums
Filter by Categories
Banking Security
Cyber Attacks
Cyber Defence
Cyber War
Cybersecurity jobs
Data Privacy
IT Governance
List of Archives
Mobile Security
Security Awareness
Security Events and Seminars
Security Reports
Security Risk
Web Defacement
Wordpress Vulnerability
More than 2,100 servers in Malaysia have been hacked, says cybersecurity agency

Over 2,100 servers’ information has been sold to hackers on underground cybercrime shopping website xDedic.

Malaysia’s national cybersecurity agency said it detected intrusions in several local servers for years and issued advisories to victims but ignorance was still making them easy targets for hackers. 

It was found that over 2,100 servers have been compromised and their access sold to hackers for as low as RM29 (S$9.50) up to RM24,600 on an underground cybercrime shopping website, xDedic, the “eBay of cybercrime” where hackers shop access and passwords for infiltrated servers worldwide for criminals to buy.

These servers belong to government agencies, banks, universities and businesses, said computer security company Kaspersky Lab, which unearthed the market.

Once in the server, hackers can have all the personal information of users attached to that server.

As at June 15, there were 70,624 hacked servers up for sale. Malaysian servers were the 10th most in demand, it said.

CyberSecurity Malaysia chief executive Amirudin Abdul Wahab said his agency would work with Kaspersky Lab to get more details on the compromised servers and offer assistance in fixing the intrusions.

But that will be difficult, if the victims do not know they are victims or had taken a lackadaisical approach to cybersecurity, he said.

“Cybersecurity is everyone’s responsibility. People thought having a firewall is enough but the most vulnerable part of cybersecurity is still people. You can have a firewall but when a worker opens something with his computer, it gets in.

“Then many don’t have the proper process of managing things, you have to cover the whole ecosystem in cybersecurity,” he said.

Dr Amirudin said companies may engage the agency’s Cyber DEF service to skim their servers for intrusions and to clean and plug any weaknesses.

The Kaspersky Lab report comes as Science, Technology and Innovation Minister Datuk Seri Madius Tangau called for Malaysian companies and agencies to have more cyber resilience and adopt better practices that would allow them to recover quickly from cyber attacks.

“In today’s cyber threat scape, we need to recognise that security goes beyond systems, software or IT departments. Cyber resilience focuses on the preventive, detective and reactive controls in an IT environment to assess gaps and drive enhancements to the overall security posture of the entity,” he said during a soft launch for Cybersecurity Malaysia’s Award, Conference and Exhibition on Thursday (June 16).

The conference and exhibition will see industry experts discussing the latest threats to cybersecurity and preventive measures that need to be taken.

Source: http://www.straitstimes.com/asia/se-asia/more-than-2100-servers-in-malaysia-have-been-hacked-says-cybersecurity-agency

  • anonimos

    some malaysian developers and company boss does not care about protecting their website.

    Sometimes the portal was only hacked by *script kiddies using very simple sql injection* and yet they challenged the script kiddies to hack cybersecurity, pentagon cia ?

    You lost your RM 15 watch because you left it on the park and yet you blame the robber for stealing it ?