CONTACT US | SITEMAP
 
 
Search:
 
Home > Services > Advisories > MyCERT Advisories > 2007

MA-119.102007: MyCERT Special Alert - Festive Season and Long Holiday Alert

Original Issue Date: 10th October 2007

With the coming festive season and long holiday break, MyCERT would like to alert all System Administrators, Network Administrators, IT Personnel and Internet users to properly secure/harden their systems and networks before they leave for their long holidays.

Based on our experience, we had security incidents with servers compromised and websites defaced during festive seasons/long holiday break. Thus, with the release of the alert, we hope such incidents could be prevented.

System Administrators, Network Administrators should take extra precautions against any possibilities of web defacements and malicious code activities during the festive and long holiday season, by implementing proper preventive measures against the above threats. However, other threats such as Denial of Service and Hack threats should not be overlooked. Data Center Administrators should also take extra precautions against any possibilities of mass defacements involving virtual hosting servers. We have been seeing the trend of mass defacements involving virtual hosting servers belonging to data centers.

Financial Institutions must also be vigilant against any possibilities of phishing activities that target the internet bankings. Customers must be advised adequately on avoiding themselves becoming victims of phishing activities by applying safe browsing and safe internet banking practice.

Make sure contact information of your system, network or security administrator is available in the event of a security incident occurring at or originating from your site/network.

Attached below are some useful guidelines and measures that you may follow to ensure that your systems and networks are properly secured, thus preventing them from being compromised:

  1. Make sure all your systems are installed with latest service packs and patches.

    If you're running older versions of operating systems or softwares, make sure you have upgraded them to the latest versions as older versions may have some vulnerabilities that can be manipulated by intruders Aside from that, please make sure that your web based applications and network based appliances are patched accordingly.

    You may refer to your respective vendors for the latest patches, service packs and upgrades.

  2. If you're running services, make sure you close unneeded services/ports and other required services should be filtered and patched accordingly.

  3. Make sure anti-virus softwares that are running on your hosts and email gateways are updated with latest signature files and are enabled to scan all files.

    You may refer to the AV sites at:
    http://www.mycert.org.my/en/resources/malware/av_sites/main/detail/528/index.html

  1. Please check that your systems and networks are configured properly in order to avoid any unnecessary incidents caused by system misconfiguration.

  2. Make sure loggings of your systems and servers are properly enabled.

  3. Make sure you back up important and relevant data from all your systems.

  4. Organizations are recommended to apply defense in depth strategy in protecting their networks. Firewalls, intrusion prevention systems (IPS), network and host based intrusion detection systems (IDS) can prevent and log most of the generic attacks.

    List of several Intrusion Detection Systems
    http://www.mycert.org.my/en/resources/security_tools/intruder_detection/main/detail/199/index.html

  5. Home Users who are using PCs/computers at home are advised to:

    1. Make sure your PCs, browsers are installed with latest service packs or patches.

    2. Install an Anti-Virus software on your PCs which scans and blocks any worms /viruses/malware to the PC. The Anti-virus should be regularly updated with latest signature files in order to detect new worms/viruses.

      You may refer to the following AV sites to download anti-virus software.
      http://www.mycert.org.my/en/resources/malware/av_sites/main/detail/528/index.html

    3. It is recommended for home users to install personal firewalls on their PCs. A personal firewall is capable of blocking and alerting the owner of malicious and suspicious activities.

      More information on home user PC security is available at:
      http://www.mycert.org.my/en/resources/home_user/pc_security/main/detail/520/index.html

    4. Implement safe email-practices.

      Safe-email practices document is available at:
      http://www.mycert.org.my/en/resources/email/email_practices/main/detail/512/index.html

Please take note that MyCERT is available 24x7 during the festive season/long holiday break for incident reporting and users/organizations may contact us for assistance.

MyCERT can be reached at:

E-mail :
Phone : +603 89926969 (monitored during business hours)
Fax : +603 89453442 (monitored during business hours)
Handphone : +60 19 2665850 (24x7 call incident reporting)
SMS : +60 19 2813801 (24x7 SMS reporting)
Business Hours : Mon - Fri 08:30 -17:30 MYT
Web: http://www.mycert.org.my

Postal : Malaysian Computer Emergency Response Team (MyCERT)
CyberSecurity Malaysia
Level 7, SAPURA@MINES
7, Jalan Tasik, The Mines Resort City
43300 Seri Kembangan
Selangor Darul Ehsan
MALAYSIA

   

Disclaimer | Copyright © 2009 - CyberSecurity Malaysia