Economy Minister Rafizi Ramli said issues regarding the registration — including bugs, other vulnerabilities and the loophole where people’s IC could be used to override and change their password — were addressed within one hour after it was highlighted by social media users.
To ensure the security of Padu, measures — such as implementing cybersecurity protocols, strict access control, a robust data backup and recovery system, better data privacy policies and procedures, regular cybersecurity and data privacy training for staff, regular security assessments, and an incident response plan — are necessary.
These measures will protect the database from cyber threats, unauthorised access, data breaches and system failures.
Other steps include relooking its network infrastructure, cybersecurity, data management, IT governance, IT talent management, IT project management, IT budgeting and its outdated network infrastructure, which cannot handle increasing demand for online services, resulting in slow Internet speeds, frequent network outages and connectivity issues.
A major concern is the possibility that someone can use another person’s IC to register for government aid programmes without having to go through the electronic know-your-customer (e-KYC) process. This must be solved.
At the speed the registration is going — about 800,000 have registered up to Jan 7 — more needs to be done.
Otherwise, the target for 29 million to register by March 31 will be difficult to achieve.
MOHD NOOR MUSA
Research analyst, Institut Masa Depan Malaysia (MASA)
Source: https://www.nst.com.my/opinion/letters/2024/01/1003409/tighten-padu-security-prevent-breaches
