Do not become a victim of hackers, avoid the risk of data leakage

Do not become a victim of hackers, avoid the risk of data leakage

KUALA LUMPUR: The habit of using five personal details namely full name, identity card number, mobile phone number, home address and email as a password exposes users to manipulation by hackers.

Sharing this matter, the President of the Malaysian Cyber ​​Consumer Association (MCCA) Siraj Jalil said that most users build security keywords based on the five pieces of information because they are easy to remember.

However, it actually makes it easier for hackers to carry out exploitation activities, especially involving banking institution accounts.

“It’s like human psychology… we tend to build passwords that are easy to remember so we’ll build from the surrounding information.

“For example, the last four digits of the identity card number are ‘0000’ and the email address also uses the same number… the possibility of other passwords being built based on that number is also high.

“Perhaps for some people the information is considered normal given to the public but it is necessary to be careful especially for users who like to use the information around them for passwords,” he told Bernama recently, adding that there have been several cases of user account intrusions especially involving financial institutions when hackers cunningly obtained the five personal information.

CARELESS USER ACCOUNTS

Describing today’s users as more vulnerable to the threat of cybercrime, Siraj said that every piece of information, including online financial transactions, also has risks.

In March 2022, local media reported as much as RM2.23 billion in losses recorded in a five-year period from 2017 to June 2021, as a result of cybercrime in this country.

Based on the results of the study, the book ‘Cyber ​​Crime in Malaysia: The Widespread Impact of the Internet’ published by the Public Security Institute of Malaysia (IPSOM) states that almost 70 percent of commercial crime cases are now categorized as cyber crime cases.
Citing a Bernama report on 11 August 2022, Malaysia recorded more than 20,000 cybercrime cases in 2021 which caused a loss of RM560 million.

The recorded cases include cyber bullying, forgery, trespassing, data fishing and email fraud which is seen to be increasing every year.

“There are two directions that need to be explained in the aspect of data leakage, namely data confidentiality and data sovereignty.

“Data confidentiality may be difficult to determine but users can streamline data sovereignty which means users know what their data is used for and for what purpose. This is what we are fighting for the security of user data as a whole,” he said.

BLOCKCHAIN ​​TECHNOLOGY

Touching on the basics of data storage technology, Siraj said that it is stored in the server and controlled by the person who takes care of it.

According to him, the parties concerned are responsible for safeguarding data from being hacked but there is a possibility that what happens in cyber crime activities is due to the failure of the guardians, the expertise of hackers to overcome the cyber security system as well as issues of internal integrity and ethics of the organization.

If the ‘guardian’ fails to take care of the cyber security of the data, hackers can enter the server and steal the data, or even worse modify the data.

“In an effort to curb the issue of data leakage and protect data from being modified by hackers, blockchain technology or block chain technology should be used in the cyber security industry.

“Blockchain technology, which is synonymous with ‘Bitcoin’, refers to data decentralization technology, different from data storage technology in a server (centralized data) because every data transaction process that is made needs to get confirmation from the community (account owner) involved first.

“With blockchain technology, we can access and track transactions that have been done since the beginning, in addition to transaction data such as the digital address of the sender and recipient, the date of the transaction and the amount of the transaction can be accessed and tracked. The data stored in the block cannot be changed or updated,” he said. adding, the blockchain is located in a public network without any authority controlling the data thus supporting the principle of data transparency.

However, Siraj said, there are constraints to implementing the technology comprehensively, including high cost issues, who will be responsible for regulating blockchain technology and the willingness to change from conventional data storage methods.

“There is no denying that there are many constraints to implement this change even though it is proven to be able to protect user data from cyber crime activities, therefore, almost all organizations still use server data storage methods such as Cloud, Google Cloud, Web Services or Alibaba Cloud.

“Almost all large companies will create a data center in the country and will store data there. It’s just that when the data is stored under the owner of the data center, the question arises as to what guarantee the party that stores the data and takes care of the data will not misuse the data?

“The existence of integrity issues involves trust in the party holding the data. There are too many issues of data being stolen or data leaking as if it is too easy to get it,” he said, adding that the high demand for some data makes data buying and selling activities more lively in the black market.

In commenting on the actions of a group of hackers who used “grey hat” code, broke into the ePenyata Salary system of Malaysian civil servants recently and issued almost two million payslips and tax forms, he said that ‘intelligent scam’ activities usually allow hackers to obtain various user information including financial status next access to their account.

BEWARE OF ACTION

Meanwhile, Digi Telecommunications Sdn Bhd’s Head of Data Protection, Kulani Geeta Kulasingam said that users should always be vigilant when using the Internet to protect their personal information.

She suggested that users create passwords with unique identification and beware of any suspicious phone calls and at the same time understand the basic needs in cyberspace.

“Users should not arbitrarily download any file because it is feared to contain malicious software (malware) designed to track their every data.

“It is necessary to be more careful using social media such as not uploading any form of information that reveals our own identity. For example, we upload a message such as home address, workplace, school location or so on that allows other individuals to impersonate us ,” she said, adding that the best method that can be implemented through social media is to change personal information settings only to a list of trusted friends.

She also suggested that users immediately contact the financial institution involved or change passwords that are almost the same for all accounts, if they realize their information has been leaked.

“This is a method to prevent identity fraud in cyberspace and users can also activate two-factor passwords as a security measure. (Two-factor passwords or 2FA – Two Factor Authentication refers to- after the user enters the password, the account involved will send a security code to phone number or email)

“People today are becoming more knowledgeable about personal data issues and we will continue education especially regarding safe data care. Users need to be exposed to safe behavior when in cyberspace thus reducing the risk of becoming a victim of cyber intrusion,” she said.

DIGITAL COMMUNICATION ILLITERACY

Sharing his views, Senior Lecturer at the School of Multimedia and Communication Technology who is also the Head of the Advanced Communication Research Unit (ACRU) at Universiti Utara Malaysia (UUM) Mohd Khairie Ahmad said that the weakness or more precisely, lack of knowledge of digital communication worsens the phenomenon of data leakage.

For him, the level of awareness and understanding of the intricacies of cyber security among the community is low compared to the very high level of use, which is 98.9 percent of the population aged 16 to 64 use smartphones while 89.6 percent of Malaysians access the Internet.

“The imbalance in the level of use and the level of cyber security practices is one of the main causes of data leakage. We are good at using but not smart at managing digital communication.

“Our society also often takes the approach of wanting to be quick and easy in using devices or applications online with less risk assessment of their actions. In addition, the inability to analyze risk or make judgments about cyber communication also contributes to this problem,” he said.

According to Mohd Khairie, the economy in today’s cyber communication era driven by information has made various forms of data a commodity or basis for the majority of products and services, and a quick method is to acquire data through applications developed by various organizations.

The use of applications, he said, has now become a culture not only related to business but also involving social affairs and community entertainment.

Many are unaware that this phenomenon puts them at high risk of threats and cyber security through the sharing of various information requested to activate related applications.

“Excessive application culture and excited and follow-along attitude risk inviting losses to netizens. On the other hand, the authorities related to digital and cyber communication should look for more robust methods of control and supervision.

“For example, any organization that wants to publish any application needs to get the approval and recognition of the Malaysian Communications and Multimedia Commission (MCMC) or the National Cyber ​​Security Agency (NACSA).

“In fact, the authorities can introduce certification to applications produced in this country. This step is to ensure the safety and risk of the application to the community. We need a ‘shortcut’ to protect netizens who may take a long time to become cyber security literate,” he explained.

MENTAL HEALTH THREATS

The more data is leaked, the higher the risk of loss that the country will experience.

A total of 12,092 financial crime cases of online fraud with a loss value of RM414.8 million were reported from January to July 2022. In the period from 2019 to July 2022, a total of 33,147 suspects in cyber crime fraud cases were arrested with 22,196 cases successfully accused in court.

“This situation will immediately affect investors since it affects the business ecosystem. I also see that with the increase in losses due to the cyber threat of a string of data leaks, it will increase the threat to the mental health of the community. Certainly those who lose, experience emotional and psychological stress,” he added that data leakage risks creating negative spillover effects on the well-being of the community.

Believing that efforts to curb the issue of data leakage require the comprehensive involvement of all parties, he said, from a legal point of view, the government is advised to review Act 709 or the Personal Data Protection Act 2010 so that more serious responsibilities are imposed on those who collect and store digital data in particular.

“From a governance point of view, ISO 27001 culture can be practiced by organizations to provide an information security management system according to international standards,” he said, adding that the authorities also need to act decisively against any party that fails to provide a safe cyber ecosystem.

At the same time, Mohd Khairie stressed that awareness of cyber security literacy should be increased among the community at every age level, including involving the practices and rights of cyber consumerism, and users need to be brave enough to demand the refusal to provide sensitive information in the use of mobile applications.

source – BERNAMA

hipz.my

CATEGORIES
Share This

COMMENTS

Wordpress (0)
Disqus (0 )