Thai Cyber Authority Hurries to Reinforce Media Protections in Response to Intensifying Threats
In the face of growing cyber threats, Thailand's media organisations are being urged to bolster their security measures. The National Cyber Security Agency (NCSA) of Thailand, in collaboration with ThaiCERT, is leading the frontline against potential attacks, ready to provide assistance 24 hours a day.
ThaiCERT's recommendations for strengthening website security are clear and comprehensive. Media organisations are advised to configure robust security settings, implement regular password changes, deactivate unnecessary accounts, enable two-factor authentication (2FA), avoid pirated software, limit administrator privileges, and assign dedicated cybersecurity personnel.
The stakes are high, as these credentials, if they fall into malicious hands, could be used to disseminate false information or distort news, potentially escalating into a national security issue. To prevent this, media organisations should promptly assign a coordinator and verify any suspected leaked accounts to ensure the highest level of security for the nation's communication systems.
Regular system checks are also encouraged, and media outlets can enhance their defences by implementing comprehensive endpoint security measures. Deploying Endpoint Protection Platforms (EPP) with antivirus and behaviour-based detection, utilising Endpoint Detection & Response (EDR) for real-time anomaly monitoring, and enforcing patch management alongside regular software updates to fix vulnerabilities are all crucial steps.
Cultivating a strong security culture through employee training on phishing and strong password use, and applying Zero Trust principles for strict authentication of all network connections, are also essential.
When it comes to Distributed Denial-of-Service (DDoS) attacks, while direct advice from ThaiCERT was not found, standard practices include using network traffic filtering, rate limiting, and employing DDoS mitigation services to absorb and block malicious traffic.
combating fake news, media outlets should implement content validation processes and possibly leverage technological tools to verify source authenticity before publication.
Credential leaks can be mitigated by enforcing strong password policies, multi-factor authentication, and regular security audits to detect compromised credentials early.
In the event of a cyber attack, every organisation should have a well-defined incident response plan. ThaiCERT further stresses this importance.
In summary, Thai media should build robust endpoint security frameworks backed by organisational awareness and technical solutions to secure their infrastructure against cyber threats, as advised by ThaiCERT. Media outlets are also encouraged to report any cyber attack-related information to ThaiCERT, should abnormalities such as unusual login attempts, DDoS attacks, or the dissemination of fake news be detected.
- To ensure the integrity of their business operations, media outlets should consider building robust endpoint security frameworks that include the deployment of Endpoint Protection Platforms (EPP) for antivirus and behaviour-based detection, the implementation of Endpoint Detection & Response (EDR) for real-time anomaly monitoring, and the enforcement of patch management alongside regular software updates.
- Recognizing the importance of cybersecurity in the modern business landscape, media outlets should assign dedicated cybersecurity personnel, implement strong password policies, multi-factor authentication, and conduct regular security audits to prevent credential leaks.
- In the unfortunate event of a cyber attack, media outlets should have a well-defined incident response plan in place and should promptly report any cyber attack-related information to ThaiCERT, should abnormalities such as unusual login attempts, DDoS attacks, or the dissemination of fake news be detected.
