[ATTENTION] Advisory for the Upcoming Merdeka Day Celebration (by NACSA)

Tweet

Dear Customers,

There has been (and will be) a spike in hacking attempts on all servers and sites until the end of the Merdeka weekend. The full official announcement by National Cyber Security Agency (NACSA) is included below.

Our general recommendations, before you go off for the Merdeka celebrations this weekend:-
1. Backup all your websites.
2. Update all your website engines, themes, plugins, platforms, OS, etc to the latest known secure version, and harden their securities.
3. Lock your websites (eg using iThemes security plugin for Wordpress) to prevent unauthorized tampering.
4. Change your website admin passwords, including cPanel account passwords, if any.

Thank you.
-- support@nocser.net

Full NACSA announcement (Reference: https://www.nacsa.gov.my/announce11.php ):-

Introduction

National Cyber Coordination and Command Centre (NC4) continuously monitor the cyber security threat level in Malaysia. In view of the upcoming Merdeka Day celebration and several long weekends in the month of September, NC4 would like to remind System Administrators and Internet users to implement sufficient cyber security measures to ensure that systems and networks are secure before leaving for the holidays.

Impact

Information leakage, information loss, service disruption and integrity of information compromised.

Brief Description

NC4 has observed an increase of various attack attempts targeting numerous organisations in Malaysia for the last few weeks and a few campaigns targeting Malaysian organisations for Distributed Denial of Service (DDoS), web defacement and malware infections.

Therefore, organisations are urged to take the necessary actions to prevent your organisation from becoming the next victim of these attacks.

Impacted Platforms

All operating systems, web servers and online services.

Recommendation

Organisations and individuals are advised to take the following actions: 

1. Update your critical assets with the latest security patches and updates;
2. Do not open or click on unsolicited mails and links with/without attachments;
3. Ensure that anti-virus/anti-malware signatures are up to date and functioning;
4. Never follow links from untrusted sources, which could possibly lead to security attacks, computer virus infection or even identity or account information theft;
5. Disconnect your computer from the Internet when it is not in use;
6. Review your firewall logs and other security devices for anomalies from time to time;
7. Review your firewall and other security devices configurations from time to time;
8. Block or restrict access to every port such as port 3389(RDP), port 5900 (VNC) and port 22 (SSH) and services except for those that should be publicly available;
9. Make sure loggings of systems and servers are always enabled;
10. Make sure your website administrator’s password is strong and secured. Change the password if needed;
11. Perform regular backups of all critical information to limit the impact of data or system loss and to help expedite the recovery process. Ideally, the backup must be done daily, on a separate media and stored offline at an alternate site;
12. Shut down all workstations before leaving your office;
13. Monitor your environment closely for any anomalies;
14. Report any anomalies happening within your network and enterprise environment to NC4.