VTA-00354 – Hacktivist Group Anonymous Malaysia Vows Cyber Attack Against Malaysian Government Over Data Breaches:
1. Ensure that the publicly accessible systems are running on the latest patch versions.
3. Restrict the remotely accessible services on your systems to minimize the attack surface exposed to attackers.
4. Enable a Web Application Firewall (WAF) to block malicious web requests and configure rate limiting to mitigate DDoS attacks.
4. Configure the network firewall and WAF to block known botnets and C2 host IPs. Contact us – Ask SuperPRO at https://www.provintell.com/enquiry/ to obtain the list of the latest known botnets and C2 servers.
5. Enable multi-factor authentication on your application services and be on high alert for credential stuffing and/or brute-force attacks. Inform all users to reset their passwords on their system and application accounts.
6. Configure strict email filtering rules to block phishing emails and weaponized email attachments.
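
For recommendation 5, the following added example (not part of the original advisory) shows one way to tell brute-force bursts from credential stuffing in authentication logs, and to list accounts that logged in successfully from a flagged source so their passwords can be reset first. The log format, thresholds, sample lines and function names are assumptions made for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample auth log (timestamp, source IP, username, result).
SAMPLE_LOG = """\
2021-01-26T02:00:01 203.0.113.10 admin FAIL
2021-01-26T02:00:03 203.0.113.10 admin FAIL
2021-01-26T02:00:05 203.0.113.10 admin FAIL
2021-01-26T02:00:07 203.0.113.10 admin FAIL
2021-01-26T02:00:09 203.0.113.10 admin OK
2021-01-26T02:01:00 198.51.100.7 alice FAIL
2021-01-26T02:01:02 198.51.100.7 bob FAIL
2021-01-26T02:01:04 198.51.100.7 carol FAIL
2021-01-26T02:01:06 198.51.100.7 dave FAIL
2021-01-26T02:01:08 198.51.100.7 erin OK
2021-01-26T02:05:00 192.0.2.44 gina FAIL
2021-01-26T02:05:20 192.0.2.44 gina OK
truncated line
"""

def parse(log_text):
    """Yield (timestamp, ip, user, result); skip malformed lines."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[3] not in ("FAIL", "OK"):
            continue
        try:
            yield datetime.fromisoformat(parts[0]), parts[1], parts[2], parts[3]
        except ValueError:
            continue

def analyse(log_text, window=timedelta(minutes=5), min_failures=4, stuffing_users=3):
    """Return ({ip: verdict}, accounts that logged in from a flagged IP)."""
    recent = defaultdict(deque)   # ip -> failures still inside the window
    verdicts, at_risk = {}, set()
    for ts, ip, user, result in sorted(parse(log_text)):
        if result == "OK":
            if ip in verdicts:
                at_risk.add(user)   # success after an attack burst: reset this account
            continue
        q = recent[ip]
        q.append((ts, user))
        while ts - q[0][0] > window:
            q.popleft()             # drop failures older than the window
        if len(q) >= min_failures and verdicts.get(ip) != "credential_stuffing":
            many_users = len({u for _, u in q}) >= stuffing_users
            verdicts[ip] = "credential_stuffing" if many_users else "brute_force"
    return verdicts, at_risk
```

A single mistyped password followed by a successful login (the `gina` lines) is not flagged, and failures spread out beyond the window do not accumulate into a verdict.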
On 2021-01-25 at around 9pm, Anonymous Malaysia uploaded a new video to Facebook and Twitter, intended to be a “wake-up call” to the Malaysian government. In the video, Anonymous Malaysia claimed that the government’s cybersecurity level is still relatively low, which could lead to data leaks. The group also touched on the massive telco leak in 2017, which involved around 46 million mobile numbers, as well as the rise of scam cases and the recent cyberattack incident involving the Malaysian Armed Forces web portal.
Anonymous Malaysia blamed the government, which it claimed was not supportive of developers. The group also pointed out that the developers themselves did not take ownership of their code while being stagnant and unwilling to do something about their mistakes.
Unlike the last known Malaysia-related Anonymous operation in 2015, which also involved some additional drama, this group did not clearly specify its plan in the new video. However, there is still a high possibility that Anonymous Malaysia could embark on a cyberattack operation, judging from the #OpsWakeUp21 hashtag that accompanied the video.
Indicator of Compromise (IOC) Detection:
Contributed by: WinterPro