MA-288.082011 : MyCERT Special Alert - Festive Season and Long Holiday Alert
Original Issue Date: 26th August 2011
With the coming festive season and long holiday break, MyCERT would like to alert all System Administrators, Network Administrators, IT Personnel and Internet users to properly secure /harden their systems and networks before leaving for the long holidays.
Based on our experience, there has been security incidents such as servers compromise and web defacement during festive seasons/long holiday break. Thus, with the release of the alert, we hope such incidents could be prevented and minimized to a certain extent.
System Administrators, Network Administrators should take extra precautions against any possibilities of web defacements, phishing, server compromise and malware activities during the festive and long holiday season by implementing proper preventive measures against the said threats. Data Center Administrators and Web Hosting Companies should also take extra precautions against any softwares or third party add-ons they're running by applying the latest patches/upgrades. This is to prevent intrusions that may exploit unpatched applications.
Financial Institutions must also be vigilant against any possibilities of phishing activities that target the internet bankings. Customers must be advised adequately on avoiding themselves becoming victims of phishing activities by applying safe browsing and safe internet banking practice.
Make sure contact information of your system, network or security administrator is available in the event of a security incident occurring at or originating from your site or network.
Attached below are some useful guidelines and measures that you may follow to ensure that your systems and networks are properly secured, thus preventing them from being compromised:
1. Make sure all your systems are installed with the latest service packs and patches.
If you're running older versions of operating systems or softwares, make sure you have upgraded them to the latest versions as older versions may have some vulnerabilities that can be manipulated by intruders Aside from that, please make sure that your web based applications and network based appliances are patched accordingly.
You may refer to your respective vendors websites for the latest patches, service packs and upgrades. You may also refer to MyCERT's website for information on the latest patches, service packs and upgrades by refering to our latest advisories at:
2. Make sure anti-virus softwares that are running on your hosts and email gateways are updated with the latest signature files and are enabled to scan all files.
You may refer to the AV sites at:
3. Please check that your systems and networks are configured properly in order to avoid any unnecessary incidents caused by system misconfiguration.
4. Make sure loggings of your systems and servers are properly enabled.
5. Make sure you back up important and relevant data from all your systems.
6. Organizations are recommended to apply defence in depth strategy in protecting their networks. Firewalls, intrusion prevention systems (IPS), network and host based intrusion detection systems (IDS) can prevent and log most of the generic attacks.
7. Home Users who are using PCs/computers at home are advised to:
- Make sure your PCs and browsers are uptodate with the latest upgrades and patches
- Install an Anti-Virus software on your PCs to scans and blocks any malware to the PC. The Anti-virus should be regularly updated with the latest signature files in order to detect new worms/viruses
You may refer to the following site for links to download anti-virus software.
- Implement safe email-practices.
Safe-email practices document is available at:
- Take precautions against online scams.
Tips and guidelines on scam prevention
Please take note that our office will be closed from 29th until 2nd September 2011. However, MyCERT is available 24x7 during the festive season and long holiday break for critical incident reporting that need urgent response. Users and organizations are encouraged to report incidents or contact us for assistance.
MyCERT can be reached at:
E-mail : firstname.lastname@example.org
Telephone : 1300882999(monitored during office hours)
Fax : +603 89453442
Handphone : +6019 2665850 (24x7)
SMS : CYBER999 REPORT and send it to 15888 (24x7)
Office Hours : Mon - Fri 09:00 AM -18:00 PM MYT
Postal : Malaysian Computer Emergency Response Team (MyCERT)
Level 7, SAPURA@MINES
7, Jalan Tasik, The Mines Resort City
43300 Seri Kembangan
Selangor Darul Ehsan