While most cybercriminals continue to wreak havoc on organisations and steal their data, hacktivists continue to serve as vigilantes in the cyber world. These hackers often attack governments and organisations worldwide who they feel have not been serious in their services to the people.
One of the most prolific hacktivist groups is Anonymous. The group has been exposing weaknesses in organisations and governments around the world and serving as vigilantes in the cyber world by exposing some of the wrongdoings of their victims.
In Malaysia, Anonymous Malaysia last made a threat in 2015 by demanding then prime minister, Datuk Seri Najib Razak to resign over issues plaguing his administration. The group had threatened "all-out internet warfare" should Najib remain in power, targeting the Malaysian Anti-Corruption Commission as well as 150 other websites that would be "strategically selected".
Now, more than five years later the group is back again. This time, Anonymous Malaysia has pledged a concerted cyber attack against Malaysian government websites and online assets called #OpsWakeUp21.
In a video and in posts released on its Facebook and Twitter accounts, the group said the warning should serve as a "wake-up call for the government of Malaysia", which it has accused of keeping silent over the many data breaches and sales of personal information of citizens in the past few years.
Highlighting some of the recent major breaches and scams in the nation, the 2:29-minute video featured a man wearing the Guy Fawkes mask (a symbol which has been adopted by the global Anonymous movement) shown reading text off a paper.
The video was also released just as the ASEAN Digital Ministers Meeting ended last week. During that conference, Tan Sri Muhyiddin Yassin, Malaysian Prime Minister suggested that Asean members work together to enhance laws and share expertise to ensure the security of cyberspace. He expressed Malaysia's commitment and willingness to share its expertise and experiences with their Asean counterparts to ensure workable security objectives with a comprehensive plan and strategy.
Interestingly, when asked to comment on the threat by Anonymous Malaysia, CyberSecurity Malaysia said that they have "reverted that they will not issue any statement on this matter".
Meanwhile, the National CyberSecurity Agency of Malaysia released a statement requesting government agencies to be vigilant and take the necessary steps to ensure they do not become victims of any cyber threat. The statement also said that they will be working with the police to investigate the threat and see what actions should be taken.
To find out how organisations and government agencies can protect themselves from such threats, CyberSecurityASEAN reached out to Kevin Reed, CISO of Acronis, to get his views on the issue.
According to Kevin, Anonymous is more of an umbrella term for a movement, rather than a hacking group. He believes that the whole idea of it is that anyone can claim to be Anonymous. Surprisingly, this approach is useful both for the movement and the actors. He explained that every action under the Anonymous flag boosts the movement's public image and acting as Anonymous is a sure way to bring press attention to their actions.
"I find it unlikely that they will wage an "all-out internet warfare", similar to their last promise but they will likely take some sort of action. The most likely attacks from Anonymous, in this case, are a DDoS attack or leaking data accessed through a vulnerability in the network. I don't believe this will be associated with ransomware but could be data obtained due to credentials received in a spear-phishing attack, leaky S3 bucket, or similar", said Kevin.
Kevin added that it's always useful to review the defences and policies, but he doesn't believe that a complete overhaul or drastic changes will be needed. This is as long as proper network and data flow monitoring procedures are followed and sources of critical or confidential data are reviewed to ensure data is appropriately secured and encrypted.
"While I don't believe them to be an elite hacking group, groups like these have to be taken seriously – hacking is so easy nowadays, that low-skill attackers can get results. Even though bringing down a public website of a government agency will have no direct impact on national security, the problem would be losing the public's trust in its government as a result".