CONTACT US | SITEMAP
 
 
Search:
 
Home > Services > Advisories > MyCERT Advisories > 2008

MA-140.092008: MyCERT Special Alert - Festive Season and Long Holiday Alert

Original Issue Date: 26th September 2008

With the coming festive season and long holiday break, MyCERT would like to alert all System Administrators, Network Administrators, IT Personnel and Internet users to properly secure/harden their systems and networks before leaving for the long holidays.

Based on our experience, there has been security incidents such as servers compromise and web defacement during festive seasons/long holiday break. Thus, with the release of the alert, we hope such incidents could be prevented and minimized to certain extent.

System Administrators, Network Administrators should take extra precautions against any possibilities of web defacements, phishing, server compromise and malware activities during the festive and long holiday season, by implementing proper preventive measures against the above threats. Data Center Administrators and Web Hosting Companies should also take extra precautions against any softwares or third party add-ons they're running by applying latest patches/upgrades. This is to prevent intrusions that may exploit unpatched applications.

Financial Institutions must also be vigilant against any possibilities of phishing activities that target the internet bankings. Customers must be advised adequately on avoiding themselves becoming victims of phishing activities by applying safe browsing and safe internet banking practice.

Make sure contact information of your system, network or security administrator is available in the event of a security incident occurring at or originating from your site or network.

Attached below are some useful guidelines and measures that you may follow to ensure that your systems and networks are properly secured, thus preventing them from being compromised:

  1. Make sure all your systems are installed with latest service packs and patches.

    If you're running older versions of operating systems or softwares, make sure you have upgraded them to the latest versions as older versions may have some vulnerabilities that can be manipulated by intruders Aside from that, please make sure that your web based applications and network based appliances are patched accordingly.

    You may refer to your respective vendors for the latest patches, service packs and upgrades. You may also refer to MyCERT's website for information on latest patches, service packs and upgrades at:

    http://www.mycert.org.my

  2. If you're running services, make sure you close unneeded services/ports and other required services should be filtered and patched accordingly.

  3. Make sure anti-virus softwares that are running on your hosts and email gateways are updated with latest signature files and are enabled to scan all files.

    You may refer to the AV sites at:
    http://www.mycert.org.my/en/resources/malware/av_sites/main/detail/528/index.html

    1. Please check that your systems and networks are configured properly in order to avoid any unnecessary incidents caused by system misconfiguration.
    2. Make sure loggings of your systems and servers are properly enabled.
    3. Make sure you back up important and relevant data from all your systems.
    4. Organizations are recommended to apply defense in depth strategy in protecting their networks. Firewalls, intrusion prevention systems (IPS), network and host based intrusion detection systems (IDS) can prevent and log most of the generic attacks.

      List of several Intrusion Detection Systems
      http://www.mycert.org.my/en/resources/security_tools/intruder_detection/main/detail/199/index.html


  4. Home Users who are using PCs/computers at home are advised to:
    • Make sure your PCs, browsers are installed with latest service packs or patches.

    • Install an Anti-Virus software on your PCs which scans and blocks any worms /viruses/malware to the PC. The Anti-virus should be regularly updated with latest signature files in order to detect new worms/viruses

You may refer to the following AV sites to download anti-virus software.
http://www.mycert.org.my/en/resources/malware/av_sites/main/detail/528/index.html

It is recommended for home users to install personal firewalls on their PCs. A personal firewall is capable of blocking and alerting the owner of malicious and suspicious activities

More information on home user PC security is available at:
http://www.mycert.org.my/en/resources/home_user/pc_security/main/detail/520/index.html

    • Implement safe email-practices.

Safe-email practices document is available at:
http://www.mycert.org.my/en/resources/email/email_practices/main/detail/512/index.html

    • Take precautions against online scams.

Tips and guidelines on scam prevention
http://www.mycert.org.my/en/resources/fraud/main/main/detail/588/index.html

Please take note that MyCERT is available 24x7 during the festive season/long holiday break for incident reporting. Users and organizations are encouraged to report incidents or contact us for assistance.

MyCERT can be reached at:

E-mail : mycert@mycert.org.my
Phone : +603 89926969 (monitored during business hours)
Fax : +603 89453442
Handphone : +60 19 2665850 (24x7 call incident reporting)
SMS : +60 19 2813801 (24x7 SMS reporting)
Business Hours : Mon - Fri 08:30 -17:30 MYT
Web: http://www.mycert.org.my

Postal : Malaysian Computer Emergency Response Team (MyCERT)
CyberSecurity Malaysia
Level 7, SAPURA@MINES
7, Jalan Tasik, The Mines Resort City
43300 Seri Kembangan
Selangor Darul Ehsan
MALAYSIA
   

Disclaimer | Copyright © 2008 - CyberSecurity Malaysia