KUALA LUMPUR: Malaysia should gear itself towards cyber resilience as the threat of a global cybersecurity breach continues to pose a major risk.
Cybersecurity expert Professor Dr Selvakumar Manickam from Universiti Sains Malaysia said the country should produce more cybersecurity engineers and invest in acquiring the latest technology while constantly evaluating all public portals and websites.
His suggestions came following a global Internet outage on Tuesday that took down several major online platforms and sites, including Amazon, Target, The Guardian, Financial Times and New York Times and the United Kingdom government's website — Gov.uk.
Users attempting to access these sites received error messages, such as "Error 503 Service Unavailable" and "connection failure".
The outage was caused by a service configuration at Fastly — a major content delivery network (CDN) — that triggered disruptions across its servers.
The issue was resolved within an hour after the company disabled that configuration.
Selvakumar said CDN allowed website developers to host some content loaded with the website on a CDN cloud to enable faster and more accessible distribution globally.
The CDN cloud, he said, helped speed up website loading and reduce the cost related to bandwidth.
"Fastly is one of the popular CDN service providers used by large corporations, such as Amazon, Reddit, and even the UK government."
He said websites that used such services and other cloud service providers, including those in Malaysia, had to be able to put their total trust in them.
"However, the benefits they provide significantly outweigh the risks associated with such services. The recent outage was probably due to a maintenance issue that was resolved within an hour.
"Nevertheless, if a breach or cyber-attack caused the outage, the ramifications would be much worse since cybercriminals can easily carry out various types of malicious activities with ease," he told the New Straits Times.
Selvakumar said websites relying on cloud service providers could potentially crash again or be hacked by cybercriminals.
"This is beyond our control since we are at the mercy of the quality and security of those service providers.
"However, we can bolster the systems and websites within our control through security mechanisms, backup, disaster recovery and business continuity policies, and so on.
"It is difficult to predict if we are ready for the impact of a massive outage in our country since it depends on the policies and security implementation put in place by individual organisations.
"However, if that fateful day comes, then small organisations and businesses as well as individuals would be most affected," he said.
Selvakumar had, in January, cautioned the government to address data leaks as scam calls had became prevalent in the country. This came following the reported leaked telecommunication company records of Malaysian users in 2017, which were purportedly sold on the darknet for a mere US$2.
A day before that, the Anonymous Malaysia hackers group returned after six years and issued fresh threats against Malaysian government websites, deemed as having a "low security system".