NCSA urges agencies to remain vigilant
The National Cyber Security Agency (NCSA) has alerted critical agencies to keep their guard up against potential cyberthreats amid intensifying cyberwarfare between Ukraine and Russia.
The agencies were told to closely monitor their internal information systems and plug any loopholes that could lead to cyber-attacks.
All related critical information infrastructure (CII) providers and state agencies should follow updated information and alerts from NCSA to cope with incidents in a timely manner, said the agency.
NCSA's National Computer Security System Coordination Centre on Thursday held talks with 19 regulating agencies and computer emergency response teams for five sectors to discuss measures to deal with possible cybersecurity incidents.
"Thailand has no borders with the two warring countries, but cyber-attacks have no borders as they are executed from internet platforms," said Gp Capt Amorn Chomchoey, deputy secretary-general of NCSA.
During Feb 22-25, he said, distributed-denial-of-service attacks were found to have targeted websites of various Ukrainian organisations, such as the Foreign Ministry, Public Health Ministry and banks, making it impossible to access disconnected networks.
A malware called Hermetic Wiper was also detected, which focused on deleting targeted information on networks in Ukraine, said Gp Capt Amorn.
A cybersecurity firm revealed the malware would damage the Master Boot Record, rendering infected computers inoperable, he said.
Another malware named Cyclops Blink was detected that spoofed websites of Ukrainian government agencies. Those fake websites ran a campaign called "Support the President" to trick users into clicking on harmful links.
The malware is then downloaded on the user's computer and collects information from devices, affecting computer networks in Ukraine, said Gp Capt Amorn.
He said preparation by related agencies can help cope with possible incidents and reduce the risk of damage from cyber-attacks.
Agencies can continue to check remote network access systems such as Remote Desktop Protocol or Virtual Private Network to see if there is any unusual access, said Gp Capt Amorn.
He said agencies should check permission to access the system regularly.
Two-factor authentication should be adopted, and a password should be set in a way that is difficult to guess, said Gp Capt Amorn.
Agencies should keep their operating systems and applications up to date, especially monitoring the latest notifications on vulnerabilities.
They must also install anti-malware programs and keep them up to date, he said.
NCSA said it plans to roll out 40 subordinate regulations of the Cybersecurity Act this year to upgrade the cybersecurity ecosystem in the country.
Around 100 organisations that operate CII stipulated by the act will be directed to comply with the standard framework of security requirements this year to guard against cyberthreats, the agency indicated.