Mainstream media have picked up on a story broken by tech news portal Lowyat.net about a leak of mobile phone data from Malaysian telcos and mobile virtual network operators (MVNOs). The leaked data is said to date to 2014 and comprise 46.2 million mobile numbers, associated customer addresses as well as SIM card details.
Sanjay Aurora, MD, Asia Pacific, Darktrace commented, "This latest breach is yet another example of a ‘low and slow’ attack that lay dormant inside networks for years, without anyone noticing. The largest breach in Malaysia, personal details of some 46.2 million phone subscribers have been stolen and are free to download online. Traditional defences predicated on chasing after yesterday’s attack fail to spot and stop stealthy ‘low and slow’ attacks of this type. Lateral movements are incredibly difficult to catch, with attackers spending an average of 260 days in a network before striking.
"Machine learning technology that learns on the job and dynamically recalibrates its assumptions in the face of new information, can not only detect, but also halt, such attacks. Alongside this, there needs to be a cultural change. Currently, widespread victim-blaming follows cyberattacks, potentially deterring organisations to come forward with the evidence of crimes."
Fortinet warns those with Malaysian mobile numbers to expect criminals to contact them. Gavin Chow, Network and Security Strategist, Fortinet said, " The personal details that were exposed in this massive mobile data breach can be used for social engineering attacks. The most common example is 'phone/SMS/WhatsApp/WeChat/<any other instant messaging platforms>' scams. The scammer may pretend to be someone calling/texting from the telco since the scammer can correctly prove that he has the scam target’s personal details, for example name, billing address, mobile number, IMEI*, ID number (IC)," he said.
"By convincing the scam target that they are from the telco, or any other organisation that has a combination of your IC and mobile number, the scammers can avail themselves to a variety of ways to trick unsuspecting victims into transferring funds into the scammers’ accounts, or convincing them to install 'telco applications' containing malware - which may subsequently steal your data or banking credentials, etc."
Chou said Malaysian mobile phone users should be on high alert when they receive any messages from strangers. "Verify that the requests are genuine, and do not be tricked into sharing more personal details, transferring funds, installing apps, etc," he said.
Explore:
See the list of cybersecurity incidents reported in Malaysia
Sanjay Aurora, MD, Asia Pacific, Darktrace commented, "This latest breach is yet another example of a ‘low and slow’ attack that lay dormant inside networks for years, without anyone noticing. The largest breach in Malaysia, personal details of some 46.2 million phone subscribers have been stolen and are free to download online. Traditional defences predicated on chasing after yesterday’s attack fail to spot and stop stealthy ‘low and slow’ attacks of this type. Lateral movements are incredibly difficult to catch, with attackers spending an average of 260 days in a network before striking.
"Machine learning technology that learns on the job and dynamically recalibrates its assumptions in the face of new information, can not only detect, but also halt, such attacks. Alongside this, there needs to be a cultural change. Currently, widespread victim-blaming follows cyberattacks, potentially deterring organisations to come forward with the evidence of crimes."
Fortinet warns those with Malaysian mobile numbers to expect criminals to contact them. Gavin Chow, Network and Security Strategist, Fortinet said, " The personal details that were exposed in this massive mobile data breach can be used for social engineering attacks. The most common example is 'phone/SMS/WhatsApp/WeChat/<any other instant messaging platforms>' scams. The scammer may pretend to be someone calling/texting from the telco since the scammer can correctly prove that he has the scam target’s personal details, for example name, billing address, mobile number, IMEI*, ID number (IC)," he said.
"By convincing the scam target that they are from the telco, or any other organisation that has a combination of your IC and mobile number, the scammers can avail themselves to a variety of ways to trick unsuspecting victims into transferring funds into the scammers’ accounts, or convincing them to install 'telco applications' containing malware - which may subsequently steal your data or banking credentials, etc."
Chou said Malaysian mobile phone users should be on high alert when they receive any messages from strangers. "Verify that the requests are genuine, and do not be tricked into sharing more personal details, transferring funds, installing apps, etc," he said.
Explore:
See the list of cybersecurity incidents reported in Malaysia
*IMEI or international mobile equipment identity is a unique serial number that can be used to track a device that has phone capabilities.
No comments:
Post a Comment