This article is 3 years old

LETTER | Power outage lessons as defence against cyber attack

LETTER | Going by the haphazard way the country manages the pandemic and floods, it appears that the government never learns lessons in crisis preparedness and disaster management from the repeated power outages in the country.

On Sept 29, 1992, the country suffered a long and widespread power blackout caused by lightning striking a transmission facility and causing a rolling failure in the transmission and distribution system.

Then, four years later, on Aug 3, 1996, a transmission line near Sultan Ismail Power Station in Paka, Terengganu tripped causing all power stations in Peninsular Malaysia to collapse.

This resulted in a massive power failure for several hours. In the wake of that, the government moved to allow five independent power producers to enter the electricity-generation business.

Seven years on, Sept 4, 2003, Kuala Lumpur, Selangor, Negeri Sembilan, Malacca, and Johor suffered a blackout for five hours. Rumors had it that even the sixth prime minister was forced to have a formal lunch by candlelight.

Two years later, Feb 17, 2005, the northern states of Perak, Penang, Kedah, and Perlis had no electricity owing to a fault of the main cable transmission line grid near Serendah, Selangor.

Eight years later, June 27, 2013, a blackout was reported during peak hour in Sarawak supposedly originating from the Bakun Dam causing a trip for the rest of the generators across the grid resulting in severe traffic congestion in the major cities.

Again, in the same year, in July 2013, several power outages occurred in parts of Kuala Lumpur and Selangor.

While there were no estimates of what each of the above outages cost the country economically, for comparison, a two-minute power outage in Taiwan in May 1997 cost Formosa Plastics, a company ranked as the world's sixth largest chemical company by sales in 2018 and ranked 758 on the Forbes Global 2000 list of the world's largest public companies, more than RM50 million. Production was interrupted for up to two hours by the outage.

Another outage in July 1999 reportedly cost the entire Taiwan chip manufacturing industry RM300 million.

Disaster preparedness

A flood like the recent one takes several hours of nonstop rain to build up. The pandemic does not spread in an uncontrolled manner. A power outage will cripple traffic lights and public transport services, trap people in elevators, and halt production at manufacturing plants.

But a cyberattack on the country’s infrastructure can happen in the blink of an eye or in seconds with limited warning. And when it hits, it will take down the electrical grid followed by everything that is connected to the internet.

In today’s environment where digitisation becomes so pervasive, invading every aspect of our lives, this means every aspect of our lives will come to a halt.

There are no borders or sectors that could be left untouched. The country could possibly come to a standstill.

With people spending more and more time online than ever before, Malaysia is uniquely vulnerable to cyber attacks.

The signs are all there and they have been gaining visibility in the last few months, starting with the rise in cryptocurrency mining.

Increasingly, in the last few months alone, the police and TNB reportedly busted a number of mining operations being carried out in several parts of the country.

These are not necessarily wayward techies trying to make a living. It could be the work of cybercriminals. Cryptocurrency mining does not require user input, working in the background while the user is performing other tasks.

Thus, cybercriminals are increasingly using victims’ computers to mine cryptocurrency coins, enabling them to make a profit by harnessing the collective power of hundreds of thousands of computers.

The fact that cryptocurrency mining does not require user input, working in the background while the user is performing other tasks, complicates efforts to track down the responsible parties.

Secondly, the ransomware encounter rate in Malaysia was found to be 100 percent more than the global average.

Ransomware is capable of making a real-world impact by affecting corporate networks and crippling critical services such as hospitals, transportation, and traffic systems.

Thirdly, the country's rate of unintentional downloads of malicious code to unsuspecting users' computers when they visit a website was an alarming 544 percent more than the global average.

Users can be infected with malware simply by visiting a website, even without attempting to download anything. More advanced download campaigns can also install ransomware or even cryptocurrency mining software on a victim's machine.

M'sia cyber attack vulnerability

In 2001, the country’s online systems were attacked by the Code Red worm. The country’s communication network stopped for several hours. Our country was also not spared the 2003 cyber-attacks caused by Blaster and Nachi, as has been reported.

The attacks started with the Blaster worm propagating by scanning the network for vulnerable machines, followed by the Nachi worm. These worms exploited weaknesses in Windows NT, 2000, and XP software.

Any Critical National Information Infrastructure (CNII) that is compromised is capable of disrupting the well-being of the nation. It is always a catch-up scenario, as cyber threats are always evolving.

The Malaysian tech space needs to continuously enhance its knowledge to stay ahead of cyber threats in securing CNII operations.

If the attacker's intention is to disrupt the national economy, any of the CNII organisations are a potential target.

All systems used in our country, whether in the public or private sector, are ‘foreign’ technologies, and thus they are vulnerable and at risk.

Due to the pervasive and high interconnectivity in the country, the scale of damages could be substantial from attacks on CNII.

For example, there are extensive data on power outages, flight delays, and disruptions of communication that occur fairly frequently in the country, and against the backdrop of these repetitive infrastructure problems, the consequences of these failures can be used to gauge the effect of a cyber attack on the country.

Even though the country’s current defence approach is more proactive and preventive than reactive, the fact that there is a growing trend in reported cybercrimes shows that more needs to be done.

The current systems and policies are adequate to defend against current threats, but there are no guarantees for tomorrow since the threat is always evolving.

The government should be bold in investing in cybersecurity. The monies invested will be worth it if data breaches can be detected in the early stages. This will help the government to avoid a lot of losses.

Recently, the Defence Minister claimed the country’s intelligence units and Cyber Defence Operation Centre were constantly monitoring the threat posed by hackers when asked whether the country detected any hacking attempts by a foreign country on our security systems.

We await with bated breath proof of the efficacy and effectiveness of our cyber defence.


The views expressed here are those of the author/contributor and do not necessarily represent the views of Malaysiakini.