Sustaining a Blue Economy

World Ocean Day was just celebrated on 8th June and Malaysia has one more reason to celebrate – Coral Triangle Day, an initiative of which six member countries are part of.

With a coastline of 4,492 km long, Malaysia has been a maritime country that relies heavily on economic maritime activities such as fishing, aquaculture, oil and gas, shipping and tourism.

Past studies indicated that marine industries contributed to almost a quarter of the country’s gross domestic product (GDP).

Malaysian waters cover an area of 453,186 km2, of which about three per cent has been designated as marine protected areas (MPAs) by various legislation. MPAs here typically refer to Marine Parks and Fisheries Prohibited Areas.

According to a biodiversity report by the Ministry of Natural Resources and Environment, we are rich in marine biodiversity and very diverse in marine habitats especially among the coral reefs.

Our coastal zones are most biologically diverse area thanks to the presence of reefs.

We are reported to host 612 species of corals, a figure representing 77 per cent of the world’s coral species!

We are also home to 1,619 species of marine fishes, and four out of seven marine turtle species nest on our beaches – the Green Turtle, Hawksbills, Olive Ridley and Leatherback Turtle.

No wonder we are recognised as one of the 12 mega-diverse countries in the world!

One could imagine the beauty of our underwater world.

Regionally, an area known as the Coral Triangle geographically spanning across six countries in Southeast Asia and the Pacific, hosts 76 per cent of the world’s coral species and 37 per cent of reef fish species.

It is also a haven for thousands of whales, dolphins, sharks, rays and six marine turtle species.

Deemed “the nursery of the seas”, the Coral Triangle is one of the Earth’s three great ecological complexes, the other two being the Congo Basin and the Amazon Rainforest.

Unfortunately scientific studies have shown that 90 per cent of the Coral Triangle’s resources are threatened by commercial activities such as over-fishing, unsustainable fishing practices, pollution from land and increasingly by climate change.

The use of cyanide and dynamite in harmful fishing practices for example, jeopardise our coral reefs.

Higher sea-surface temperatures as an effect of climate change trigger coral bleaching.

Our corals are also harmed by land pollution, alteration to coastline habitats and physical damage by tourism and ships.

With this richness in marine biodiversity and the threats this Triangle faces, in 2009 Malaysia and five other countries – Indonesia, Papua New Guinea, the Philippines, Solomon Islands and Timor-Leste – joint efforts through the Coral Triangle Initiative to work together to sustain and this incredible marine and coastal resources. We want to tackle food security issues, climate change and conserve its biodiversity.

Outside this region, several countries have established state-of-the-art oceanography institutes mainly to advance research in oceanography, to centralise its data repository, and to make well-informed marine and ocean policy recommendations to their governments.

One renowned institute is the Woods Hole Oceanographic Institute in the U.S. With an employment of about 1,000 staff including scientists, engineers, information technology professionals and in ship and vehicle crew, it operates on an annual budget of USD 215 million (RM 919 million), pledging to guide mankind stewardship of the environment and to help the state make evidence-based decisions about the ocean.

Closer to home is the Japan Agency for Marine-Earth Science and Technology. With a niche in fundamental research, this agency oversees several research institutes and received a staggering JPY 335,000 million (RM 11. 129 billion) budget from the Japanese government, on top of the JPY 472,000 million (RM 15.681 billion) budget for its Japan Trench Fast Drilling Project.

Such is the commitment of these countries in understanding and sustaining the ocean.

In Malaysia through the Ministry of Science, Technology and Innovation (MOSTI), the National Oceanography Directorate was set up close to two decades ago as a national reference centre for research and development in oceanography and marine sciences in the country.

In the Coral Triangle Initiative especially, MOSTI works very closely with the Sabah state government namely Ministry of Agriculture of Food Industry, Department of Fisheries Sabah, Ministry of Tourism, Culture and Environment Sabah and Sabah Parks.

Image may contain: 8 people
With some participants of the 6th Coral Triangle Initiative on Coral Reefs, Fisheries, and Food Security Ministerial Meeting in Papua New Guinea, November last year.

Marine parks are set up to conserve marine life and their habitats. There are six marine parks in Sabah, with the most recent one the Tun Mustapha Marine Park, the largest in the country, that is located in the northern region at the Kudat Banggi Priority Conservation Area and encompassing about 50 islands.

This year MOSTI is collaborating with Universiti Malaysia Sabah and Institut Penyelidikan Marin Borneo in celebrating World Ocean Month and Coral Triangle Month from 16th June to 15th July in the local neighbourhoods.

Activities are designed to be inclusive, catering the entire family and people with special abilities, so each member of the public are welcome to attend. You could search “Malaysia National Oceanographic Data Centre – MyNOCD” on Facebook for its outreach program details.

As much as we have done much in oceanography, we have yet to fully take advantage of the economic benefits of our territorial sea and our exclusive economic zone (ECZ). We also lack adequate information on whether particular industrial practices at sea are sustainable or under developed.

It would be timely for the government to review our decades-old policies and management related to oceanography. The reviewed policies should allow us to explore new marine industries such as renewable energy from the ocean, marine biotechnology, marine tourism and the farming of marine organisms.

Equally as important is to allocate sufficient resources for such oceanographic initiatives.

Governing the ocean might be as challenging as it sounds – a number of agencies would have to work together to implement the same policies to avoid duplication and it might be difficult to point out who should take the lead.


Setting High Standards

Hari Raya Aidifiltri will be celebrated in two weeks’ time.

Beginning a week before the festival Malaysia would see one of her largest exodus of the year, as people trickle out of the cities or as we all know as “balik kampung”, traveling back to their hometowns to spend the occasion with their families.

Many would also be taking advantage of the long weekend for a vacation.

In 2016, 20,294 road accidents and 273 fatal incidents were recorded under the traffic safety operation Ops Selamat 9/2016 from June 29 to July 17, in conjunction with the festivity.

Overall our country was listed as among countries in the world with the highest fatal accident rates last year, although the number of fatalities during Ops Selamat 9/2016 decreased from the previous year.

For every 10,000 vehicles registered in the country, 2.55 deaths were recorded.

We aim to reduce this rate to two by 2020.

Our efforts in reducing road tragedies include promoting safer vehicles and roads, besides advocating for safe driving. The Department of Standards Malaysia or Standards Malaysia plays a role in improving consumer safety.

An agency of the Ministry of Science, Technology and Innovation, Standards Malaysia is the National Standards Body and the National Accreditation Body.

By complying with the standards set by them, consumers can be confident of the “quality, safety, reliability, efficiency, compatibility, cost-effectiveness and sustainability” of products and services across 24 economic sectors.

In transport, Standards Malaysia has developed 252 standards, including our first ever national standard on protective helmets by specifying their minimum performance criteria and test requirements.

This standard is a benchmark in creating quality helmets to protect our motorcyclists on the road.

Other products that have Malaysian Standard (MS) are pneumatic tyres, airbags, seat belts, replacement brakes, lighting and signalling devices and electric motorcycles.

Most of these MS are made mandatory by regulatory bodies such as the Ministry of Domestic Trade, Co-operative and Consumerism, and the Road Transport Department. Out of the 252 MS in transportation, 17 are made mandatory. Consumers can then recognise safe and quality products through their certification labels.

In fact we have just hosted the 39th International Organisation for Standardization (ISO) Committee on Consumer Policy conference last month, where almost 150 delegates from 37 countries discussed their commitment in building safer roads and vehicles for consumers.

Malaysia through Standards Users, a non-profit organisation that represents the interest of users and consumers in standards development and endorsed by Standards Malaysia, is the current Chair of this committee.

From left, 1. Ms Ratna Devi Nadarajan, CEO of Standards Users cum Chair of ISO Committee on Consumer Policy
2. Datuk Marimuthu Nadason, President of FOMCA
3. Datuk Fadilah Baharin, DG of Standards Malaysia
4. Me  5. Mr John Walter, ISO President-elect 
6. Dato’ Paul Selva Raj, CEO of FOMCA

Most of the time, standards can facilitate innovation, economic growth and competitiveness in international trade. 

In the case of road safety, standards can even save lives.

But I always caution that over time, the government needs to address standards that could grow obsolete, are non-existent when in demand or become so restraining that innovation is discouraged.

In this age where new areas of technology are mushrooming, we need to be responsive to emerging industries that require new standards. In South Korea for example, the authorities are developing novel standards, reforming regulations and reviewing policies in industries such as 5G mobile communications, autonomous vehicles, intelligent robots, smart cities, renewable energy and in productions.

Without agile governance in coping with new technological areas, innovators and businesses would face the evitable barriers of commercialisation, global market entry, international trade and research collaboration.

There will be no common language between the innovators, between governments, and with us the consumers.

There is an appropriate description of the role of government in this – to be like a diligent gardener by pruning her trees and cultivating land for new ones to maximise blooming in the garden. It means doing away with obsolete standards and efficiently developing new ones according to changing times.

However, standards can only do so much in advancing the economy or solving a problem.

It still boils down to us as an individual, a citizen, a consumer. In the event of road safety, most accidents occur due to carelessness or recklessness in driving.

Many of us would be guilty of speeding, not wearing our seatbelts and being distracted by our gadgets while on the wheels.

So when we are homebound this holiday season, let us be more mindful when driving.

It is down to us to raise the “standards” of Malaysian drivers.

Similarly, to achieve progress collectively as a nation, each of us has to set high standards for ourselves – in our attitude, mentality, behaviour, in relationships and at work.

Do you hold yourself to high standards?


With the participants including ISO President-Elect John Walter at the 39th ISO Consumer Policy Committee Meeting on May 16.



Wilfred Madius Tangau.

Borneo Post: IBSE System for Sabah Schools

NABALU: The schools in Sabah are set to adopt the Inquiry-Based Science Education (IBSE) system, an advanced teaching technique made famous in France.

“Today is a historic day for the Ministry of Science, Technology and Innovation (MOSTI) and Ministry of Education (MOE) as we have both witnessed the IBSE teaching style, which has already been made a pilot project in the Tuaran District Education (PPD).

“This involves a total of 25 schools and 40 trained teachers. The education minister and myself had visited SMK Mengkabung early this morning.

“Some of these teachers have been sent to France for further training. In actual fact, this pilot project has already been done in a few areas in Kuala Lumpur and Selangor,” said Science, Technology and Innovation Minister Datuk Seri Panglima Madius Tangau.

Both Madius and Education Minister Datuk Seri Mahdzir Khalid had conducted a working visit to SK Mengkabong Tuaran yesterday to evaluate the effectiveness of the IBSE system.

“MOSTI and MOE have been working in collaboration with regards to Science, Technology, Engineering and Mathematics (STEM).

“IBSE actually started at an agency in France called Laman Alapat. It is connected with the France Academy of Science and UNESCO.

“IBSE makes it easier and more enjoyable for students to learn science. This was then brought up by MOSTI. IBSE is in line with the 21st Century Classrom initiative.

“This is something that is intriguing but it is also something that can be further developed,” Mahdzir said.

To put in context, IBSE is a system where the students are encouraged to conduct their own experiments, without relying too much on their textbooks. The teacher’s role in the class is only to guide them.

Current results have proven that the IBSE has been an effective catalyst in boosting the students’ academic performance.

During the visit, Mahdzir and Madius sat down and listened to the concerns of the teachers in SK Mengkabong.

Its principal, Nuridah Kadom had disclosed that her school is currently in need of a new building ground as the school’s current ground is not safe due to its landform.

“We need a new building, with a complete field. More importantly, we need a school that is safe for the students.

“We have an eight-acre land, which can be used to build a new building for our students,” said Nuridah.



Memohon Tanah untuk Sekolah Menengah Baru di Kampung Giok

Permohonan tanah untuk sekolah menengah baru di Kampung Giok, Tamparuli yang sebenarnya untuk menggantikan projek SMK Pekan Nabalu yang telah dihentikan beberapa tahun lalu telahpun dimajukan kepada Kerajaan Negeri.

Khabar baik ini dibawa oleh rakan saya, YB Datuk Seri Mahdzir Khalid Menteri Pendidikan semasa lawatan julung kalinya ke kawasan parlimen saya Tuaran.

Setinggi-tinggi terima kasih YB Menteri Pendidikan.

Dengan terbinanya sekolah menengah baru ini nanti, ibu bapa akan dapat menghantar anak anak mereka dari 15 sekolah rendah di sekitar Nabalu untuk pendidikan menengah ke sekolah yang lebih hampir dengan kediaman mereka berbanding sekarang.

Inilah usaha yang dibuat oleh Kerajaan Barisan Nasional untuk membangunkan pendidikan rakyat khususnya di luar bandar.

Image may contain: 48 people, people smiling, crowd and outdoor
Saya dengan Datuk Seri Mahadzir, ADUN Kiulu Datuk Joniston Bangkuai bergambar kenangan dengan murid-murid di SK Giok.

Image may contain: 9 people, people standing

Image may contain: 23 people, people smiling, camera and outdoor

Image may contain: 13 people
Menteri Pendidikan membuat pengumuman dalam satu sidang akhbar di SK Giok.

Your Data Could be Kidnapped / Data Anda Boleh Diculik

Click sini untuk artikel Bahasa Malaysia

Last week, tens of thousands of organizations across the globe were struck by a massive-scale ransomware attack through malware known as “WannaCry”.

The malicious software locks data away and demands payment of up to US$300 a time before it would restore scrambled files. The healthcare sector in particular, was heavily hit in certain countries where services of hospital and ambulance unfortunately had to be suspended due to the disruption.

CyberSecurity Malaysia, responded swiftly with issuance of an urgent advisory alert for organisations in Malaysia to take immediate preventive steps against ransomware attacks. We held a press conference at the Ministry of Science, Technology and Innovation to explain the situation and to respond to questions from the public.



Ransomware is the fastest growing malware threat, whereas malware is generally a hostile or intrusive software that targets users of all types — from the home user to the corporate network.

Most of us think we are safe from ransom extortion but gone are the days when criminals only target the wealthy.

In today’s digital age, almost anyone in Malaysia or the world who is connected to the Internet is a potential ransom target, irrespective of where you are – urban or rural areas!

To explain ransomware, it is a malware for “data kidnapping”. The attacker encrypts (lock) the victim’s data and demands payment for the decryption (unlock) key for the victim to regain access to the system or files. It either prevents normal use of the victim’s computer or denies access to files.

The “data kidnapper” demands a ransom payment from the victim for the victim. Some malicious versions even have a timer and begin deleting files until a ransom has been paid. The ransom could range from a minimal amount to thousands of dollars, but it is often settled via the virtual currency Bitcoin without having to reveal the identity of the attacker!

Ransomware can be delivered through e-mail attachments, infected programs and compromised websites. But most commonly through an infected file attached to emails. Ransomware can also infect when a user visits an infected website and malware is downloaded and installed without the user’s knowledge.

Another method of transmission is through social media, such as Web-based instant messaging applications.

But this time, the “WannaCry” ransomware is next-generation. It does not just encrypt one local machine; instead it propagated itself, spread throughout the organisation’s network and infected unpatched devices. Experts call it a “ransomworm”.

Once you are hit by ransomware, your recourse is limited. Paying the ransom does not guarantee the encrypted files would be released. It only guarantees that the cyber criminals receive the victim’s money and in worst-case scenarios, their personal information would be subjected to further extortion.

In many cases, the victim ends up losing all of his or her data.

According to cyber security firm Symantec’s latest Internet Security Threat Report 2017, the number of global ransomware detections increased by 36 per cent during 2016 to 463,000 incidences. In tandem with the spike in attacks, the number of new ransomware families more than tripled to 101.

In terms of ransomware threat by destination, Malaysia was ranked 17th globally, and 6th in the Asia Pacific and Japan region. From January to April 2017 alone, CyberSecurity Malaysia has received 44 incident reports on ransomware.

At this rate the annual figure may well surpass 2016’s total of 83 incidents. The mean average ransom demanded by attackers has also increased dramatically during 2016 from US$294 in 2015 to US$1,077. The statistics underscore a trend that more cyber criminals are jumping on the ransomware bandwagon.

CyberSecurity Malaysia will continue to monitor ransomware attacks and provide technical assistance to affected organizations and individual users on remediation and preventions through their Cyber999 service.

The Un-Erasable Digital Footprint

Ransomware is arguably one of the most dangerous types of malware because of how it works and how it affects its victims. Despite all the warnings, many still fall victim to this type of threat.

According to statistics by Malaysia Communications & Multimedia Commission, Malaysians spend almost 6 hours on computers and about 3.5 hours on social media daily. This makes us one of the most vulnerable targets to cyber criminals.

Malaysians also need to be mindful that an individual’s digital footprint is on the Internet permanently and they may one day become valuable targets for ransomware criminals. These include photos or videos posted on social media, radical opinions published to blogs and personally identifiable information such as contact information and addresses.

Putting a Stop To Ransomware

To protect against “data kidnapping”, one immediate step is to back up data on a regular basis and most importantly, have a back-up and recovery plan in case your mobile device or computer is encrypted by ransomware. If an attack occurs, do not pay a ransom. Instead, wipe the disk drive clean and restore data from the backup.

Malaysians should also deploy email and web security tools. Be sure to update anti-virus and anti-malware tools regularly. We should keep data in separate devices and store back-ups offline while maintaining up-to-date anti-virus software and perform regular patches (updates) by downloading them directly from original software developer.

Use stronger passwords which are complex and change them regularly. Many Malaysians are guilty of using simple and predictable passwords since they are easy to remember. A strong password should at least comprise eight characters inclusive of numbers and symbols.

For smartphone users, it is wise not to download third-party apps which are created and provided by a vendor other than the manufacturer of the device, from untrusted sources. While some of the apps may look legitimate, free apps may contain ransomware. Therefore, always check the app developer to ensure reliability and read the permissions before downloading.

Most importantly, “Think Before You Click”. Be cautious at all times and never open any suspicious emails even if they look official. Instead, look out for odd subject lines, typos, or URLs that do not have the correct domain and delete them immediately.

Ransomware Isn’t Going Anywhere

Ransomware demands attention regardless of industry and this high-value attack method will likely continue with the growth of ransomware-as-a-service (RaaS), where potential criminals with no training or skills can easily download tools and use them at a victim.

MOSTI has undertaken several initiatives to increase the digital literacy of local communities through ICT development under our social innovation programme. One such project is MyCyber Komuniti in Tamparuli, Sabah – a one stop centre for knowledge and information sharing about positive usage of computer and the Internet.

The centre is equipped with computers, Internet access, digital printers and scanning machines to bridge the digital gap and empower local community to overcome issues relating to cyber security.

Another notable national-scale educational programme is CyberSAFE, the short for “Cyber Security Awareness For Everyone” to generate awareness on the technological and social issues facing internet users, particularly on the risks they face online. Various annual CyberSAFE programs have been introduced to inculcate safer Internet usage among school children in Malaysia.

It is inevitable that ransomware will continue to thrive. The most judicious approach to adopt is prevention. I hope this incident would raise much awareness.

Lastly, as advocated by CyberSecurity Malaysia in their “MyViralVow” campaign, please verify any information with the authority, in this case regarding ransomware, before sharing them with your contacts.


Wilfred Madius Tangau.

Data Anda Boleh Diculik

Minggu lepas, puluhan ribu organisasi di seluruh dunia mengalami serangan besar-besaran perisian tebusan (ransomware) menerusi perisian hasad (malware) yang dikenali sebagai “WannaCry”.

Perisian jahat itu mengunci data dan menuntut bayaran sehingga US$300 setiap kali sebelum mengembalikan fail yang disulitkan. Sektor penjagaan kesihatan terutamanya mengalami serangan begitu hebat di sesetengah negara sehingga perkhidmatan hospital dan ambulans terpaksa digantung disebabkan gangguan teruk.

CyberSecurity Malaysia pantas bertindak balas dengan mengeluarkan amaran berjaga-jaga kepada organisasi di Malaysia supaya mereka mengambil langkah pencegahan segera terhadap serangan perisian tebusan. Kami mengadakan sidang akhbar di Kementerian untuk menjelaskan situasi dan menjawab soalan daripada orang ramai.

Perisian tebusan ialah ancaman perisian hasad yang paling pesat berkembang, sedangkan perisian hasad pada umumnya ialah perisian perosak atau penceroboh yang menyasarkan semua jenis pengguna – daripada pengguna di rumah kepada rangkaian korporat.

Kebanyakan kita beranggapan kita selamat daripada diperas ugut supaya membayar wang tebusan, tetapi zaman sudah berlalu apabila penjenayah hanya menyasarkan golongan kaya.

Pada zaman digital masa kini, hampir setiap orang di Malaysia atau di dunia yang dihubungkan dengan Internet berpotensi menjadi sasaran untuk diperas ugut membayar wang tebusan, tidak kira di mana anda berada sama ada kawasan bandar atau luar bandar!

Sebagai penjelasan, perisian tebusan ialah perisian hasad untuk melakukan “penculikan data”. Penyerang menyulitkan (mengunci) data mangsa dan menuntut bayaran untuk menyahsulitkan (membuka kunci) data supaya mangsa dapat mengakses semula sistem atau failnya. Perisian tebusan menghalang komputer mangsa digunakan seperti biasa atau menyekat akses kepada fail.

“Penculik data” menuntut bayaran wang tebusan daripada mangsa untuk mangsa mendapat kembali datanya. Malah sesetengah versi jahat mengandungi pemasa dan mula memadamkan fail sehingga wang tebusan dibayar. Wang tebusan adalah antara sejumlah minimum hinggalah ribuan dolar, tetapi selalunya dijelaskan menerusi mata wang maya, Bitcoin tanpa perlu mendedahkan identiti penyerang!

Perisian tebusan boleh disalurkan menerusi kepilan e-mel, program dijangkiti dan laman web yang digodam. Bagaimanapun, saluran paling biasa digunakan ialah menerusi fail yang dijangkiti dikepilkan pada e-mel. Perisian tebusan boleh juga berjangkit apabila pengguna mengunjungi laman web yang dijangkiti dan perisian hasad dimuat turun dan dipasang tanpa pengetahuan pengguna.

Satu lagi kaedah penyebaran ialah menerusi media sosial seperti aplikasi pengiriman mesej segera yang menggunakan Internet.

Bagaimanapun kali ini, perisian tebusan “WannaCry” merupakan versi terkini (next-generation). Perisian ini bukan sahaja menyulitkan sebuah mesin tempatan, sebaliknya membiakkan diri, merebak dalam seluruh rangkaian organisasi dan menjangkiti peranti yang tidak dilengkapi perisian kemas kini. Pakar menggelarnya cecacing tebusan (ransomworm).

Apabila anda diserang perisian tebusan, jalan penyelesaian anda terhad. Membayar wang tebusan tidak menjamin fail yang disulitkan itu akan dilepaskan. Tindakan ini hanya memastikan penjenayah siber menerima wang mangsa dan dalam senario terburuk, maklumat peribadi mereka akan menjadi sasaran peras ugut seterusnya.

Dalam banyak kes, mangsa akhirnya kehilangan semua datanya.

Menurut Laporan Ancaman Keselamatan Internet 2017 oleh syarikat keselamatan siber, Symantec, bilangan kes perisian tebusan yang dikesan di seluruh dunia meningkat 36 peratus pada 2016 kepada 463,000 insiden. Selaras dengan lonjakan serangan itu, bilangan famili perisian tebusan baharu meningkat lebih tiga kali ganda kepada 101.

Dari segi ancaman perisian tebusan mengikut destinasi, Malaysia di tangga ke-17 pada peringkat dunia dan ke-6 di rantau Asia Pasifik dan Jepun. Dari Januari hingga April 2017 sahaja, CyberSecurity Malaysia menerima 44 laporan insiden perisian tebusan.

Pada kadar ini, angka tahunan mungkin jauh mengatasi sejumlah 83 insiden yang dilaporkan pada 2016. Purata wang tebusan yang dituntut oleh penyerang turut meningkat secara mendadak, iaitu daripada US$294 pada 2015 kepada US$1,077 pada 2016. Statistik itu menunjukkan trend bahawa semakin ramai penjenayah siber kini terlibat dengan serangan perisian tebusan.

CyberSecurity Malaysia akan terus memantau serangan perisian tebusan dan memberikan bantuan teknikal dalam aspek pemulihan dan pencegahan kepada organisasi dan pengguna individu yang terjejas menerusi perkhidmatan mereka, Cyber999.

Jejak Digital yang Tidak Boleh Dipadamkan

Perisian tebusan boleh dikatakan antara jenis perisian hasad paling berbahaya kerana cara perisian ini berfungsi dan menjejaskan mangsanya. Meskipun banyak amaran diberikan, ramai pengguna masih menjadi mangsa ancaman jenis ini.

Menurut statistik Suruhanjaya Komunikasi dan Multimedia Malaysia, rakyat Malaysia setiap hari menghabiskan hampir enam jam menggunakan komputer dan kira-kira tiga setengah jam menggunakan media sosial. Amalan ini menjadikan kita antara sasaran paling terdedah kepada serangan penjenayah siber.

Rakyat Malaysia juga perlu menyedari bahawa jejak digital seseorang itu kekal dalam Internet dan suatu hari nanti boleh menjadi sasaran berharga bagi penjenayah perisian tebusan. Antaranya termasuk gambar atau video yang dihantar di media sosial, pendapat radikal yang disiarkan ke blog dan maklumat peribadi sensitif seperti maklumat perhubungan dan alamat.

Menghentikan Perisian Tebusan

Bagi melindungi diri daripada “penculikan data”, langkah segera ialah melakukan backup data (membuat salinan pendua) secara berkala dan paling penting, menyediakan pelan backup dan pemulihan sekiranya komputer atau peranti mudah alih anda disulitkan oleh perisian tebusan. Jika berlaku serangan, jangan bayar wang tebusan. Sebaliknya bersihkan pemacu cakera sepenuhnya dan dapatkan kembali data daripada backup.

Rakyat Malaysia perlu juga menggunakan alat keselamatan e-mel dan laman web. Pastikan anda mengemaskinikan alat antivirus dan antimalware secara berkala. Kita perlu menyimpan data dalam peranti berasingan dan menyimpan backup di luar talian sambil memastikan perisian antivirus sentiasa kemas kini dan melakukan patch (kemas kini) secara berkala dengan memuat turunnya terus daripada pembangun perisian asli (original).

Gunakan kata laluan lebih kukuh yang lebih rumit dan tukar kata laluan dari semasa ke semasa. Ramai rakyat Malaysia menggunakan kata laluan yang ringkas dan boleh diramalkan kerana mahu kata laluan yang mudah diingat. Kata laluan yang kukuh mesti mengandungi sekurang-kurangnya lapan aksara termasuk nombor dan simbol.

Bagi pengguna telefon pintar, wajar untuk tidak memuat turun aplikasi pihak ketiga yang dicipta dan disediakan oleh vendor selain pengeluar peranti berkenaan, iaitu daripada sumber yang tidak boleh dipercayai. Sungguhpun sesetengah aplikasi nampak tidak meragukan, aplikasi percuma boleh mengandungi perisian tebusan. Oleh sebab itu, sentiasa periksa pembangun aplikasi untuk memastikan perisian boleh dipercayai dan baca keizinan (permission) yang diminta sebelum melakukan muat turun.

Paling penting, “Fikir Sebelum Klik”. Sentiasa berhati-hati dan jangan membuka sebarang e-mel yang meragukan sekalipun nampak rasmi. Sebaliknya perhatikan judul e-mel yang pelik, kesilapan tipografi atau URL yang tidak betul domainnya. Padam semuanya serta-merta.

Perisian Tebusan Tidak Akan Mencapai Matlamatnya

Perisian tebusan perlu diberi perhatian tanpa mengira industri dan kaedah serangan bernilai tinggi ini dijangka berterusan dengan pertumbuhan perisian tebusan sebagai perkhidmatan (ransomware-as-a-service atau RaaS). Dengan RaaS, penjenayah yang tidak mempunyai latihan atau kemahiran boleh memuat turun alat dengan mudah dan menggunakannya terhadap mangsa.

MOSTI mengambil beberapa inisiatif untuk meningkatkan literasi digital masyarakat tempatan menerusi pembangunan ICT di bawah program inovasi sosial kami. Sebuah projek seumpama itu ialah MyCyber Komuniti di Tamparuli, Sabah – sebuah pusat sehenti untuk berkongsi pengetahuan dan maklumat tentang penggunaan komputer dan Internet yang positif.

Pusat itu dilengkapi komputer, akses Internet, pencetak digital dan mesin pengimbas untuk merapatkan jurang digital dan memperkasakan komuniti tempatan untuk mengatasi isu berkaitan dengan keselamatan siber.

Satu lagi program pendidikan peringkat kebangsaan yang penting ialah CyberSAFE, iaitu singkatan bagi “Cyber Security Awareness For Everyone” (Kesedaran Keselamatan Siber Untuk Semua Orang) bagi menimbulkan kesedaran tentang isu teknologi dan sosial yang dihadapi oleh pengguna Internet, terutamanya tentang risiko yang dihadapi oleh mereka di Internet. Pelbagai program tahunan CyberSAFE diperkenalkan untuk menggalakkan penggunaan Internet yang selamat dalam kalangan murid sekolah di Malaysia.

Tidak dapat dielakkan bahawa perisian tebusan akan terus berkembang. Pendekatan paling bijak yang dapat diambil ialah pencegahan. Saya berharap insiden itu akan menimbulkan kesedaran meluas.

Akhir sekali, saya ingin menekankan perkara ini lagi dan lagi – seperti yang dianjurkan oleh CyberSecurity Malaysia dalam kempen “MyViralVow” mereka – sila sahkan sebarang maklumat dengan pihak berkuasa, dalam kes ini berkaitan dengan perisian tebusan, sebelum berkongsi maklumat itu dengan orang hubungan anda.

Sinar TV: Jangan panik serangan ‘Ransomware WannaCry’

Menteri Sains, Teknologi dan Inovasi (MOSTI), Datuk Seri Wilfred Madius Tangau menasihatkan orang ramai supaya tidak panik dengan serangan siber ‘Ransomware WannaCry’ yang melanda dunia pada 12 Mei lalu.

The Star: Report ransomware to us, says CyberSecurity Malaysia

PUTRAJAYA: CyberSecurity Malaysia (CSM) has urged those affected by ransomware attacks to report the incidents to them.

Its chief executive officer Datuk Dr Amirudin Abdul Wahab (pic) said this would help CSM conduct technical analyses and verify what ransomware was involved.

He said they could give advice and even try to recover data that was lost if they had the particular ransomware’s decryption key.

“There is no charge for our technical advice. You’re helping yourself and others, ” he said at a press conference here on Wednesday to address the WannaCry ransomware issue.

He gave the assurance that the identities of those who reported to CSM would be kept confidential.

Under Malaysian law, there is no obligation for anyone to report incidences of malware or ransomware to the authorities.

CSM, an agency under the Science, Technology and Innovation Ministry, said that as of Wednesday, it had received two official reports of infections, one from an academic institution and another from a private organisation.

CSM did not give out any other details about these cases.

Science, Technology and Innovation Minister Datuk Seri Madius Tangau urged people not to panic or be unnecessarily alarmed, but said they should be careful.

IT security firm LGMS told The Star Online that it knows of 16 WannaCry cases in Malaysia so far.

The WannaCry ransomware, which infected hundreds of thousands of computers in more than 150 countries, encrypts the data on a victim’s computer or network, preventing users from accessing it.

The perpetrators promise to release the data if they are paid US$300 (RM1,300) in Bitcoin cyber-currency by each victim.

The WannaCry attack began last Friday and among those hit were Britain’s National Health Service, Russia’s interior ministry and international shipper FedEx.

According to a report in The Guardian, the ransomware uses a vulnerability first revealed as part of a leaked stash of NSA-related documents, which infects machines running Windows and encrypts their contents before demanding a ransom to decrypt these files.

A website that tracks WannaCry infections has been showing blips in Malaysia every now and then.

The website displays a blip whenever an infected computer pings its tracking servers, allowing it to map out a geographical distribution of the WannaCry infection.

The website was created by a 22-year-old British researcher known only as “MalwareTech”, who was credited with discovering a “kill switch” that halted the outbreak.