D'Orazio C.,University of South Australia |
Ariffin A.,University of South Australia |
Ariffin A.,CyberSecurity Malaysia |
Choo K.-K.R.,University of South Australia
Proceedings of the Annual Hawaii International Conference on System Sciences | Year: 2014
With increasing popularity of smart mobile devices such as iOS devices, security and privacy concerns have emerged as a salient area of inquiry. A relatively under-studied area is anti-mobile forensics to prevent or inhibit forensic investigations. In this paper, we propose a "Concealment" technique to enhance the security of non-protected (Class D) data that is at rest on iOS devices, as well as a "Deletion" technique to reinforce data deletion from iOS devices. We also demonstrate how our " Insertion" technique can be used to insert data into iOS devices surreptitiously that would be hard to pick up in a forensic investigation. © 2014 IEEE.
Jawi S.M.,CyberSecurity Malaysia |
Ali F.H.M.,University Technology of MARA
2015 IEEE Student Conference on Research and Development, SCOReD 2015 | Year: 2015
The implementation of an adaptive, non-intrusive proxy in between a client and SSL/TLS web server using more practical and middle approach that can moderate the ongoing and future SSL/TLS sessions. The aim is not to compromise user privacy. Policy rules in JSON schema and JSON data are proposed in handling SSL/TLS connection. This paper extends the implementation of the proxy using Perl language and currently available tools, data repository and techniques. © 2015 IEEE.
Hashim M.S.B.,CyberSecurity Malaysia
2011 2nd Worldwide Cybersecurity Summit, WCS 2011 | Year: 2011
The launching of Malaysia's Vision 2020 mark the country's journey towards becoming a developed nation and embracing the knowledge-based economy as a mean of achieving it. By consciously choosing to utilize the information and communication technology as a tool for development, it has resulted in the increasing use of digital information systems throughout the industry, the private and public organizations and the society at large. However, the dependency on digital information systems bring with it escalating vulnerabilities and risks, especially to the Critical National Information Infrastructure (CNII) which among others include cybercrimes such as Hacking, Intrusion, Fraud, Harassment, Malicious Code and Denial of Service Attacks. Acknowledging the growth of cyber threats that are endangering the e-Sovereignty of the nation, a cyber security policy was put in place. The National Cyber Security Policy (NCSP) is Malaysia's comprehensive cyber security implementation to be done in an integrated manner to ensure the CNII is protected to a level that commensurate the risks faced. Cutting across the government machineries, the implementation has drawn in various ministries and agencies to work together to meet the vision of having a CNII that is secured, resilient and self reliant that will eventually promote stability, social well being and wealth creation for the country. After 4 years of the NCSP implementation, the Malaysia's cyber security is now being looked as something to be reckon with. Much has been done and more need to be done as the landscape of cyber threats changes with the development of new technologies and tools. Successfully implemented, Malaysia's CNII will be better placed to meet the challenges and opportunities that technological advancement brings and that it will help to achieve the objectives of Vision 2020 and beyond. © 2011 EWI.
News Article | December 20, 2012
A preliminary Microsoft security study shows that 63 percent of pirated software peddled in Southeast Asia--either through DVDs or preinstalled on computers--are laced with high-risk malware. In a statement Thursday, Redmond said its security forensics team had worked on 118 samples of pirated software purchased from resellers in Indonesia, Malaysia, Philippines, Thailand and Vietnam. They found about 2,000 instances of malware and virus infections in these samples which include "highly dangerous backdoors, hijackers, droppers, bots, crackers, password stealers, and Trojans", it noted. The study also found that among computers with bootleg copies of Windows operating systems (OSes), 77 percent of the Windows Update functionality has been disabled or re-routed to third-party services. The software giant said these PCs with disabled Windows Update bypass genuine software checks and are denied critical security patches which causes them to be defenseless against malicious cyberattacks. Jeff Bullwinkel, director of legal and corporate affairs for Asia-Pacific and Japan at Microsoft, said: "Pirated software is a breeding ground for cybercrime, and the cost of using it is potentially much higher than the price of buying genuine in the first place. We want to help consumers understand the risks involved and the steps they can take to ensure a safe and secure PC experience." Zahri Yunos, acting CEO of CyberSecurity Malaysia , added in the statement that having a computer with counterfeit software is like "moving into a high-crime neighborhood and leaving [the] doors open [which is] incredibly risky". "People with counterfeit software have no guarantee their sensitive data, activities and communications will be safe from cybercriminals that intend to do harm. As the results of this study show, the danger of counterfeit software is real and consumers should insist on genuine software when purchasing a new PC," said Zahri. Microsoft added it is currently expanding its research in Southeast Asia to increase the sample size of PCs and DVDs containing pirated software. It expects to publish the full study results and analysis during the first quarter of 2013. A separate May 2012 report by the Business Software Alliance (BSA) said about 63 percent of computer users in Asia-Pacific admitted to piracy , above the global average of 57 percent. Software piracy in 2011 resulted in a loss of nearly US$21 billion for software companies, it noted.
News Article | December 3, 2012
SINGAPORE-- The security industry is lagging behind cyberterrorists due to a lack of cooperation and communication between the public and private sectors and nation states. Speakers at Cyber Security Forum Asia 2012, hosted by security and defense firm IB Consultancy here Monday, reiterated the importance of collaboration among private and public organizations in fighting cybercrime , but noted such coordination has yet to be established despite the surge in cyberattacks. Cyberterrorists today are very organized and collaborative, leveraging ICT to promote their ideals, observed Zahri Yunos, CEO of CyberSecurity Malaysia. Citing research on cyberterrorism and the Internet, Zahri noted cyberterrorists have effectively and successfully used the Internet and social media for psychological warfare, publicity and propaganda, social networking, and even recruitment purposes. In comparison, nation states still are not collaborating with each other to battle cybercrime due to a lack of trust , noted Benjamin Ho, associate research fellow for the Center of Multilateralism Studies at the S. Rajaratnam School of International Studies, Nanyang Technological University (NTU). This mistrust is the result of the use of cyberweapons and cyberattacks between nation states, as well as the problem of attribution which has created a state of paranoia among countries, Ho said. Nation funding lead to cyberterrorism Costin Raiu, global research and analysis director at Kaspersky Labs, who was also a speaker at the forum agreed, noting that since the first known cyberweapon, Stuxnet , appeared in 2010, many other variations have surfaced including Duqu, Gauss, and Flame. These cyberweapons are sophisticated, complex, and expensive to construct, requiring investments of US$10 to $15 million, and only nation states have such capital to perpetrate them to others, Raiu noted. Such weapons have led to the inception of cyberterrorism or the use ICT to launch cyberattacks, he observed. While cyberterrorism is not proliferating yet and merely "at the top of the iceberg", it is an emerging threat which nations and the IT security industry will soon struggle against, he warned. Another communicative problem governments have yet to solve is failing to agree on a fixed definition of cyberterrorism, Zahri pointed out. This leads to confusion over the classification of such crimes because "one man's terrorist is another man's freedom fighter". This can ultimately hinder actions taken by governments to safeguard their nations against cyberterrorism, he explained. Internally, there are also communication roadblocks between the public and private sectors. Another speaker Carolyn Patteson, executive director of Computer Emergency Response Team (CERT) Australia, revealed one of the challenges it faced was managing expectations from the private sector. CERT disseminates IT security related information to businesses. Many organizations thought of CERT Australia as "their personal internal CERT team" and failed to understand its actual role as a national IT security team, Patteson explained. Define security terms, update legislations With cyberterrorism, the biggest debate among governments is the difficulty in establishing whether cyberwar is part of cyberterrorism and vice versa, Raiu told ZDNet Asia at the sidelines of the event. He clarified that cyberwar is the work of nation states, while cyberterorrism is committed by individuals. From here, governments should define legislations, preventive measures, and take action against cyberterrorists. With the proliferation of cyberweapons , Raiu added there should also be agreements on the usage of such tools. He explained that, currently, while there are rules and regulations governing the use of nuclear and chemical weapons, there are none for cyberweapons to establish how they can be designed and used, and which nations they come from. Caitriona Heinl, research fellow at Center of Excellence for National Security at NTU's S. Rajaratnam School of International Studies, observed the speed at which cyberattacks evolve has also posed challenges regarding cybercrime legislations , making it difficult to implement policies in a timely and effective manner. As such, governments should update legislations rapidly and work closely with related agencies and the security industry, to implement new laws on cyberattacks once they have taken place, Heinl explained. Above all, countries need to form alliances to combat cybercrime because it is not constrained by borders, she said, adding there should be clauses to aid each other if a member country is subjected to serious cyberattacks.