A hacker group calling itself R00TK1T ISC CyberTeam has threatened to launch a cyber attack on Malaysia’s digital infrastructure. While the group didn’t provide any specific details in its announcement, it was enough for the National Cyber Coordination and Command Centre (NC4) to issue an advisory regarding the attack over the weekend.
Malaysia’s cybersecurity command centre acknowledges the threat
In the advisory dated 28 January 2024, NC4 said R00TK1T announced its plan on its Telegram group on 26 January. The multi-agency cybersecurity team believed that the hacker group was part of a “retaliation team” that acts upon cyberattacks ignited by the ongoing conflict in the Middle East.
NC4 also pointed out that the group usually exploits known vulnerabilities while also obtaining assistance from insiders and disgruntled employees in order to carry out its cyberattacks. As R00TK1T campaigns could last for weeks, the centre is asking all organisations to immediately strengthen their digital infrastructure.
R00TK1T’s previous attacks
Prior to its newly announced threat to Malaysia, R00TK1T claimed to have attacked several high-profile targets in the past few months. Among them is the French cosmetics company L’Oreal, from which the group claimed to have obtained its “inner workings” and order database.
The group has also claimed that it managed to hack its way into Qatar Airways. The data that it apparently managed to extract included internal documents, interview recordings, the Toolbox Remote Data package for the carrier’s Boeing 787 fleet, and access to its Airbus A350’s navigation software.
While there might not be substantial proof to back up these claims, the threat by R00TK1T still needs to be taken seriously. According to a previous NC4 advisory dated 26 October 2023, there has been an increased number of cyberattacks in Malaysia as of late, and the centre is already anticipating increased attempts by pro-Israel threat actors, given our country’s pro-Palestine stance.