Prime Minister’s Department: Over 1,500 cyberattacks launched at ministries’ infrastructure systems

There have been over 1,500 cases of cyberattacks launched against Malaysian ministries’ infrastructure systems in 2024 alone. Specifically, 1,547 attacks were reported as of September this year.

Dr Zaliha Mustafa, Minister in the Prime Minister’s Department (Federal Territories), ensured that all of the attacks were successfully detected and taken care of by the National Cyber Security Agency (Nacsa). This is thanks to their constant efforts in monitoring and taking immediate action against cyber threats.

“The National Security Council (MKN) and JPM (Prime Minister’s Department) also played its role in dealing with cyberattacks,” added Dr Zaliha Mustafa via a written parliamentary reply to a question from Datuk Suhaimi Nasir.

Datuk Suhaimi Nasir asked about the number of cyberattacks on ministries’ infrastructure that were detected from 2022. He also raised the question of whether the security measures the nation currently has in place are capable of repelling those attacks.

National agencies are equipped with the latest antivirus software and cybersecurity measures

Dr Zaliha mentioned that the National Cyber Coordination and Command Centre (NC4) will continue to provide all government agencies with recommended best practices, to ensure that the government’s cyberinfrastructure is secured and able to repel cyberattacks.

“This includes ensuring agencies are equipped with the most up-to-date anti-virus software and have strong cybersecurity measures in place,” she added.

The Minister said that the NC4 will help develop and implement service continuity plans, in case any system is ever compromised. NC4 would also explore the use of multi-factor authentication (MFA) and have frequent reviews of agencies’ network segmentation. According to Dr Zaliha, this is done so that possible security threats can be prevented from being spread across an agency’s network.

Since the 26th of August this year, Malaysia has started enforcing the Cybersecurity Act 2024 (Act 854). Aiming to strengthen national cybersecurity, the act requires an authorised person to make an initial report to NC4 within six hours of discovering a cybersecurity incident or potential threat. This involves attacks on information regarded as critical to the country, such as defence, finance, water, and healthcare services.

Diminishing number of cyberattack cases launched against government agencies

Based on statistics from Nasca and MKN, there were 1,633 cyberattacks launched against government agencies in 2023 alone. However, this is already a significant decrease compared to the whopping number 4,378 cyberattacks reported against government agencies in 2022.

[SOURCE, IMAGE SOURCE]