KUALA LUMPUR, Dec 10 — Forensic investigations, including into the alleged involvement of certain parties in the cyberattack on the Social Security Organisation (Socso), are ongoing.
Socso Group chief executive officer Datuk Seri Mohammed Azman Aziz Mohammed said that the agency, in a meeting with the National Security Council (MKN), agreed to file a police report following an internal forensic investigation, which found elements of commercial crime.
“I give my assurance that whoever is the mastermind of this cyberattack, will be brought to justice. Socso will not compromise when it comes to the protection of personal data, which is of paramount importance to the nation,” he said, in a statement today.
He said that detailed information about the data allegedly stolen and posted on the dark web cannot be disclosed yet, as the investigations are ongoing.
According to him, Socso will continue to develop its information and communication technology (ICT) infrastructure over time. It will be guided by the MKN, the National Cyber Security Agency (Nacsa) and the relevant authorities, and will adopt best practices to ensure that there are no loopholes in the system which can be manipulated by hackers.
He also said that Socso has taken four major steps to deal with the cyberattack, which was discovered at around 7pm on December 2.
These included activating the Business Continuity Plan (BCP), strengthening Socso’s ICT system, conducting an internal forensic investigation and implementing the communication plan.
“At this stage, the authorities are satisfied with the steps taken by Socso, but further follow-up actions will be carried out from time to time, in close cooperation with the authorities,” he said.
Mohammed Azman said that post-crisis efforts also include updating the smooth operation of all Socso systems, to ensure that the well-being of 573,000 eligible beneficiaries registered nationwide is always protected. — Bernama