Tuesday, November 21, 2017

A month after millions of private and confidential data were hacked and stolen, and all the Deputy Minister of MCMC can tell us is to change our passwords regularly?

Yesterday, Deputy Minister of Communications and Multimedia Datuk Seri Jailani Johari told Malaysians to change passwords regularly and to not reveal personal information over the internet in order to protect themselves against cyberattacks.

Sebagai pengguna, seharusnya memastikan, seboleh-bolehnya, jangan kongsikan apa sahaja maklumat mengenai kita di dalam media sosial yang kita punya. 
Sebaik-baiknya, sekurang-kurangnya tiga bulan sekali, kita tukar kata laluan. Dan kalau boleh kita gunakan alphanumeric numbers.  Dan kita juga jangan sewenang-wenangnya memaut mana-mana pautan yang kita rasakan tidak sesuai kerana ia akan memberikan kesan kepada kita.

The Deputy Minister said this in Parliament in response to a question on the steps taken by the Government in the cases which involved leakage of confidential personal data.

Datuk Seri Jailani’s comment is dangerously simplistic and avoids the government’s role in ensuring our cyber security.

For example, the recent sale of millions of breached personal data shows just how vulnerable Malaysians are to having our information stolen – and it has absolutely nothing to do with the need for users to change passwords regularly.

The Ministry’s response to this critical issue has also revealed not only how misplaced their priorities are, it also revealed that the Government is utterly clueless as to what to do to address the problems.

Rather than assuring people of an investigation, the MCMC’s first move was to take down the initial news report of the sale. Last week, it blocked the website sayakenahack.com which allowed users to key in their IC numbers to check if their details had been found in the data breached from Malaysian telco companies.

The question that keeps re-emerging is who the Government is really protecting with these measures. It appears that they are more inclined to protect the reputation of the huge corporations which were entrusted with our confidential data by covering up the scandal, instead of taking the bull by the horns to protect everyday Malaysians.

Taking those precautionary measures, as advised by the Deputy Minister, would have nothing to protect Malaysians from having their personal data being sold.

What’s worrying is that Malaysia was revealed last year, in a survey done by global cyber-security firm Kaspersky Labs, as having the most compromised servers in Southeast Asia.

Rather than constantly telling consumers to be more careful, the government needs to be urging data holders including themselves to improve their own standards instead of passively monitoring and not acting on these severe breaches.

No comments: