Posted on February 1, 2021 at 4:15 PM
After a long period of absence in the cybercrime space, the group of hacktivists known as Anonymous Malaysia seems to have resurfaced. The group is pledging an organized cyber-attack on several government websites.
In a recent video released by the group in their social media account, they pointed out that their activities should serve as a warning to the Malaysian government. According to the group, the government has been silent over the sales of personal information of Malaysian citizens.
“Your security system is low, all data may be leak [sic]. This can cause unwanted hackers selling all information,” the group pointed out in the video.
The video lasted for 2.30 minutes. It featured a man wearing the Guy Fawkes mask, which is synonymous with the global anonymous movement.
The man was reading a written text with an overlaid voice to hide the original voice of the reader.
The group stated that the attack on several government websites is part of their #OpsWakeUp21 cyber attack, and urged the government to be more proactive towards the privacy protection of its citizens.
The group announced via their Facebook page that they have already broken into the security firewalls of five government websites.
The alleged victims are;
- Selayang Municipal Council website
- Construction Industry Development Board (CIDB) website
- Royal Malaysian Customs Department website, and
- Perak State Government website
- Sabah State Government website
Anonymous Malaysia has also shared screenshots of the attacked websites with defaced images such as a short apology statement, email contact, and Cyberpunk’s logo.
An established presence in Malaysian cybercrime space
The group has been in existence for several years and a constant threat to the smooth operation of government servers. In 2015 the group demanded that Datuk Seri Najib Razak, the then Malaysian prime minister, should resign following several issues that confronted the prime minter’s administration.
Anonymous Malaysia stated that the attack occurred because the developers of the digital assets do not receive any support from Putrajaya, and they don’t have claims to the ownership of their codes.
The group also gave reference to the telecommunications company data breach that impacted over 46 million mobile users. It also pointed last month’s cyberattack against the Malaysian Armed Forces.
Attack not yet confirmed on mentioned websites
The Malaysian police have stated that it hasn’t received any report on the compromise of any government website following the warning by the hacktivist group.
According to Zainuddin Yaacob, the director of the Commercial Crime Investigation Department at Bukit Aman, the cybercrime division of the police is ready to step in to curb the crime.
He also added that the police will investigate if the cyber attackers want to compromise the national security system.
More security needed for government websites
John Shier, Senior Security Advisor of cybersecurity firm Sophos, revealed that the nature of data government agencies possess makes it paramount to have a stronger security framework. According to him, the government should make it almost impossible to breach its website’s security.
And any proposed or planned attack on the government’s infrastructure should not be taken with a pinch of salt, based on the critical information they keep.
Shier further stated that it will be almost impossible to predict future actions if there is no inside knowledge about the perpetrators and their capabilities.
He also revealed that there are several ways the government and other institutions can take to protect their systems from cyber-attacks. They can start by using a strong authentication protocol. They can also develop threat hunting capabilities and have the latest threat prevention technologies to keep their systems safe.
Advisory issued to all government agencies
Shortly after Anonymous Malaysia released their threats on government establishments, the National Security Council (MKN) issued an advisory to that effect.
The council stated that all government agencies should beef up their security framework to prevent or reduce the impact of the attack on their systems.
MKN also stated that the government is taking the threat of the country’s “critical systems” very seriously. It added that there is an outlined guideline for government agencies to reinforce their IT infrastructure security.
MKN has also partnered with the police and NACSA to provide strong security measures against the attack by Anonymous Malaysia and other countries.