22 April 2020, by Professional Indemnity Insurance Committee
Dear Members of the Malaysian Bar,
Since the imposition of the Movement Control Order (“MCO”), up till 7 Apr 2020 cyber-related incidents have gradually increased by an alarming rate of 82.5%.[1] Former Chief Executive Officer of CyberSecurity Malaysia (“CSM”) and leading expert in the information security industry, Prof Col (R) Dato Dr Husin Jazri, in an interview stated that the tendency for cybercrime and cybersecurity cases to occur is a natural consequence of events as more people are online during the MCO period.[2]
Types of incidents
According to the article on The Star online[3], there is a rise in cyber incidents relating to:
- Fraud such as scams, phishing, or social engineering tactics to deceive users and obtain sensitive information;
- Intrusions such as hacking or data breach; and
- Cyberharassment such as cyberstalking.
How is this related to Members?
As working from home is practised widely during the MCO period, Members and law firm employees are vulnerable to cyber risks. It could happen while using emails, accessing the law firm’s central system, and during a tele- or video conferencing.
What can Members do?
1. Avoid using public WiFis;
2. Ensure virtual private networks (“VPN”) and other secure remote working tools are configured for security;
3. Be cautious of emails or messages informing you of updates about the pandemic, health advices, freebies offered to stay at home during the pandemic, login links to register for the Government’s stimulus packages, etc;
4. Do not respond to any emails or messages that solicits for confidential or financial information;
5. Be attentive when accessing websites;
6. When using a telephone or video conferencing platform:
- Join a telephone or video conference only when you recognise the host;
- Ensure the platform is an updated version. This will help detect the latest “bugs” and security breaches;
- The host is able to identify every participant who joins the telephone or video conference. This will prevent unknown entities from entering the platform; and
- Always stay vigilant when using the platform.
7. Change the login password often and use complex combination. Do not share the information with anyone;
8. If you are a law firm owner, educate your employees to recognise phishing emails and share with them this circular.
To find out more about cyber risks, incidences and ways to prevent it from happening to you, read Jurisk! newsletter Issue 2 of 2019 by clicking here.
If you have any questions or require assistance, please email the Professional Indemnity Insurance and Risk Management Department at pirm@malaysianbar.org.my or mysahra@malaysianbar.org.my.
Take cyber risks seriously!
“Today, our very survival depends on our ability to stay awake, to adjust to new ideas, to remain vigilant and to face the challenge of change” – Martin Luther King
Kuthubul Zaman b Bukhari
Chairperson
Bar Council Professional Indemnity Insurance Committee
[1] “Cybersecurity cases rise by 82.5% ”, https://www.thestar.com.my/news/focus/2020/04/12/cybersecurity-cases-rise-by-825 (12 April 2020).
[2] “‘Don’t be alarmed with the rise of Cybersecurity cases’”,https://www.onemalaya.my/2020/04/12/dont-be-alarmed-with-the-rise-of-cybersecurity-cases/ (12 April 2020).