CYBERSECURITY

1. FUTURE CYBER THREAT ASSESSMENT

The future of cybersecurity will be largely determined by what hackers will be after. This will primarily be in two areas: Health and Wealth. More specifically, this means private healthcare-related data and sensitive payment information. Private health records can be worth a fortune. Credit card data can be used for fraud or sold on the black market. Hackers will also take advantage of the fact that companies increasingly rely on their supply chains and will target popular third-party tools, suppliers and companies as a way to breach as many targets as possible. Risk assessments can be performed on any application, function, or process within your organization. But no organization can realistically perform a risk assessment on everything.

To defend against such cyberattacks, companies will need to use more effective security solutions with innovative approaches. For instance, companies will assess their cybersecurity as seen from the hacker’s point of view. The goal will be to not only increase cyber resilience internally within their specific company, but also across the company’s supply chain. Moreover, companies that leave their resources open on the internet and fail to implement strong authentication will be a target to opportunistic attacks. To effectively protect their key assets companies must increase the visibility of security at the board level and increase investment in security talent and technology.

2. CRYPTOGRAPHY

Cryptography is a scientific concept where complex logic and mathematical equations are used to generate robust encryption methods. To keep this information from falling into the wrong hands, they had to hide its meaning. This allowed them the benefit of surprise, timing, and concealed maneuver. The earliest forms of cryptography relied on codes, transposition, and substitution to conceal their messages.

3. SEMANTIC CYBERATTACKS

Semantic cyberattacks, also known as social engineering, manipulate human users’ perceptions and interpretations of computer-generated data in order to obtain valuable information (such as passwords, financial details, and classified government information) from the users through fraudulent means. Phishing is one of the most popular semantic attacks in which hackers send an email hoping to collect some information from the victim.

4. COMPUTER WORM

A computer worm is a type of malware that spreads copies of itself from computer to computer. A worm can replicate itself without any human interaction, and it does not need to attach itself to a software program in order to cause damage. Worms are often deployed as secret agents. They collect and report information about your network to the hackers. Worms can be transmitted via software vulnerabilities. Or computer worms could arrive as attachments in spam emails or instant messages (IMs). Once opened, these files could provide a link to a malicious website or automatically download the computer worm. Once it’s installed, the worm silently goes to work and infects the machine without the user’s knowledge.

5. TROJAN HORSE

A Trojan Horse on the other hand is something that looks harmless. Trojan horses can be sent using several methods, including hackers cloning an email. A Trojan horse or Trojan is a type of malware that is often disguised as legitimate software. Trojans can be employed by cyber-thieves and hackers trying to gain access to users' systems. Users are typically tricked by some form of social engineering into loading and executing Trojans on their systems. Once activated, Trojans can enable cyber-criminals to spy on you, steal your sensitive data, and gain backdoor access to your system. These actions can include: deleting data, blocking data, modifying data, copying data, disrupting the performance of computers or computer networks. Unlike computer viruses and worms, Trojans are not able to self-replicate.

6. WHISTLEBLOWER PROTECTION ACT 2010

According to Law of Malaysia Act 711 under Whistleblower Protection Act 2010, improper conduct means any conduct which if proved, constitutes a disciplinary offence or a criminal offence meanwhile disciplinary offence means any action or omission which constitutes a breach of discipline in a public body or private body as provided by law or in a code of conduct, a code of ethics or circulars or a contract of employment, as the case may be.

This act provides protection to whistleblowers who voluntarily come forward to report or reveal information on corruption activities. This Act also encourages the public from all sectors to disclose corruption related activities. The identity of the whistleblower and the information provided are kept confidential from any party. Whistleblowers are also given immunity from any civil, criminal or disciplinary action due to the revealing of the act of corruption.

A disclosure of improper conduct under subsection may also be made although the person making the disclosure is not able to identify a particular person to which the disclosure relates. Second, although the improper conduct has occurred before the commencement of this Act in respect of information acquired by him while he was an officer of a public body or an officer of a private body; or of any improper conduct of a person while that person was an officer of a public body or an officer of a private body.